krb5-devel-1.6.1-80.el5_11.i386
[1.9 MiB] |
Changelog
by Nalin Dahyabhai (2014-08-28):
- rebuild
|
krb5-devel-1.6.1-78.el5.i386
[1.9 MiB] |
Changelog
by Nalin Dahyabhai (2014-07-28):
- gssapi: pull in upstream fix for a possible NULL dereference in spnego
(CVE-2014-4344, #1121509)
|
krb5-devel-1.6.1-70.el5_9.2.i386
[1.9 MiB] |
Changelog
by Nalin Dahyabhai (2013-06-05):
- rebuild, correcting changelog version/release identifiers
|
krb5-devel-1.6.1-70.el5.i386
[1.9 MiB] |
Changelog
by Nalin Dahyabhai (2011-12-27):
- add upstream patch for telnetd buffer overflow (CVE-2011-4862, #770351)
|
krb5-devel-1.6.1-63.el5_7.i386
[1.9 MiB] |
Changelog
by Huzaifa Sidhpurwala (2011-12-27):
- Fix for CVE-2011-4862
|
krb5-devel-1.6.1-55.el5_6.1.i386
[1.9 MiB] |
Changelog
by Nalin Dahyabhai (2011-01-20):
- add upstream patch to fix hang or crash in the KDC when using the LDAP kdb
backend (CVE-2011-0281, CVE-2011-0282, #671096)
|
krb5-devel-1.6.1-36.el5_5.6.i386
[1.8 MiB] |
Changelog
by Nalin Dahyabhai (2010-11-12):
- incorporate candidate patch for checksum acceptance issues from
MITKRB5-SA-2010-007 (CVE-2010-1323, #652307)
|
krb5-devel-1.6.1-36.el5_5.4.i386
[1.8 MiB] |
Changelog
by Nalin Dahyabhai (2010-05-04):
- add candidate patch to correct KDC null pointer dereference which
could be triggered by malformed client requests (CVE-2010-1321, #583703)
|
krb5-devel-1.6.1-36.el5_5.2.i386
[1.8 MiB] |
Changelog
by Nalin Dahyabhai (2010-03-30):
- add upstream patch to fix a few use-after-free bugs, including one in
kadmind (CVE-2010-0629, #578185)
|
krb5-devel-1.6.1-36.el5_4.1.i386
[1.8 MiB] |
Changelog
by Nalin Dahyabhai (2009-12-10):
- add candidate patch to correct KDC integer overflows which could be
triggered by malformed RC4 and AES ciphertexts (CVE-2009-4212, #546347)
|
krb5-devel-1.6.1-31.el5_3.3.i386
[1.8 MiB] |
Changelog
by Nalin Dahyabhai (2009-04-03):
- update to revised patch for CVE-2009-0844/CVE-2009-0845
|
krb5-devel-1.6.1-25.el5_2.1.i386
[1.9 MiB] |
Changelog
by Nalin Dahyabhai (2008-09-11):
- backport fix from 1.6.3 to abort a sequential scan of a keytab if the
handle to the keytab has become invalidated during the scan (via Vince
Worthington, #461908)
|
krb5-devel-1.6.1-17.el5_1.1.i386
[1.9 MiB] |
Changelog
by Nalin Dahyabhai (2008-03-07):
- add preliminary patch to fix use of uninitialized pointer / double-free in
KDC (CVE-2008-0062,CVE-2008-0063) (#432620, #432621)
- add backported patch to fix use-after-free in libgssapi_krb5 (CVE-2007-5901)
(#415321)
- add backported patch to fix double-free in libgssapi_krb5 (CVE-2007-5971)
(#415351)
- add preliminary patch to fix incorrect handling of high-numbered descriptors
in the RPC library (CVE-2008-0947) (#433596)
|
krb5-devel-1.6.1-17.el5.i386
[1.9 MiB] |
Changelog
by Nalin Dahyabhai (2007-09-11):
- ftpd: also do PAM session and credential management when ftp clients use
strong authentication (#286291)
|
krb5-devel-1.5-29.i386
[1.7 MiB] |
Changelog
by Nalin Dahyabhai (2007-09-06):
- update to revised patch for CVE-2007-3999
|
krb5-devel-1.5-28.i386
[1.7 MiB] |
Changelog
by Nalin Dahyabhai (2007-08-15):
- add preliminary patch to fix buffer overflow in rpcsec_gss implementation
in libgssrpc (#250973, CVE-2007-3999) and write through uninitialized
pointer in kadmind (#250976, CVE-2007-4000)
|
krb5-devel-1.5-26.i386
[1.7 MiB] |
Changelog
by Nalin Dahyabhai (2007-06-01):
- add patch to fix buffer overflow in kadmind (#239073, CVE-2007-2798)
|