Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

krb5-pkinit-1.21.1-2.el9_4 RPM for s390x

From AlmaLinux 9.4 BaseOS for s390x

Name: krb5-pkinit Distribution: AlmaLinux
Version: 1.21.1 Vendor: AlmaLinux
Release: 2.el9_4 Build date: Tue Sep 3 13:38:02 2024
Group: Unspecified Build host: s390x-builder02.almalinux.org
Size: 127628 Source RPM: krb5-1.21.1-2.el9_4.src.rpm
Packager: AlmaLinux Packaging Team <packager@almalinux.org>
Url: https://web.mit.edu/kerberos/www/
Summary: The PKINIT module for Kerberos 5
Kerberos is a network authentication system. The krb5-pkinit
package contains the PKINIT plugin, which allows clients
to obtain initial credentials from a KDC using a private key and a
certificate.

Provides

Requires

License

MIT

Changelog

* Mon Jul 01 2024 Julien Rische <jrische@redhat.com> - 1.21.1-2
  - CVE-2024-37370 CVE-2024-37371
    Fix vulnerabilities in GSS message token handling
    Resolves: RHEL-45401 RHEL-45390
* Tue Aug 08 2023 Julien Rische <jrische@redhat.com> - 1.21.1-1
  - New upstream version (1.21.1)
  - Fix double-free in KDC TGS processing (CVE-2023-39975)
  - Add support for "pac_privsvr_enctype" KDB string attribute
    Resolves: rhbz#2060421
* Thu Jun 08 2023 Julien Rische <jrische@redhat.com> - 1.20.1-9
  - Do not disable PKINIT if some of the well-known DH groups are unavailable
    Resolves: rhbz#2187722
  - Make PKINIT CMS SHA-1 signature verification available in FIPS mode
    Resolves: rhbz#2155607
  - Allow to set PAC ticket signature as optional
    Resolves: rhbz#2178298
* Wed Feb 22 2023 Julien Rische <jrische@redhat.com> - 1.20.1-8
  - Fix datetime parsing in kadmin on s390x
    Resolves: rhbz#2169985
* Tue Feb 14 2023 Julien Rische <jrische@redhat.com> - 1.20.1-7
  - Fix double free on kdb5_util key creation failure
    Resolves: rhbz#2166603
* Tue Jan 31 2023 Julien Rische <jrische@redhat.com> - 1.20.1-6
  - Add support for MS-PAC extended KDC signature (CVE-2022-37967)
    Resolves: rhbz#2165827
* Thu Jan 19 2023 Julien Rische <jrische@redhat.com> - 1.20.1-5
  - Bypass FIPS restrictions to use KRB5KDF in case AES SHA-1 HMAC is enabled
  - Lazily load MD4/5 from OpenSSL if using RADIUS or RC4 enctype in FIPS mode
    Resolves: rhbz#2162461
* Thu Jan 12 2023 Julien Rische <jrische@redhat.com> - 1.20.1-4
  - Set aes256-cts-hmac-sha384-192 as EXAMLE.COM master key in kdc.conf
  - Add AES SHA-2 HMAC family as EXAMPLE.COM supported etypes in kdc.conf
    Resolves: rhbz#2068535
* Tue Jan 10 2023 Julien Rische <jrische@redhat.com> - 1.20.1-2
  - Strip debugging data from ksu executable file
    Resolves: rhbz#2159643
* Wed Dec 07 2022 Julien Rische <jrische@redhat.com> - 1.20.1-1
  - Make tests compatible with sssd-client
    Resolves: rhbz#2151513
  - Remove invalid password expiry warning
    Resolves: rhbz#2121099
  - Update error checking for OpenSSL CMS_verify
    Resolves: rhbz#2063838
  - New upstream version (1.20.1)
    Resolves: rhbz#2016312
  - Fix integer overflows in PAC parsing (CVE-2022-42898)
    Resolves: rhbz#2140971
* Tue Oct 18 2022 Julien Rische <jrische@redhat.com> - 1.19.1-23
  - Fix kprop for propagating dump files larger than 4GB
    Resolves: rhbz#2133014
* Fri Jul 08 2022 Julien Rische <jrische@redhat.com> - 1.19.1-22
  - Restore "supportedCMSTypes" attribute in PKINIT preauth requests
  - Set SHA-512 or SHA-256 with RSA as preferred CMS signature algorithms
    Resolves: rhbz#2068935

Files

/usr/lib/.build-id
/usr/lib/.build-id/49
/usr/lib/.build-id/49/f5de9ebacdd1bac278045c4c3ccd7fbf6bcf2b
/usr/lib64/krb5
/usr/lib64/krb5/plugins
/usr/lib64/krb5/plugins/preauth
/usr/lib64/krb5/plugins/preauth/pkinit.so


Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Nov 7 08:00:08 2024