RT RT/krbdev.mit.edu: Bugs fixed in krb5-1.14 Not logged in.

Total: 68
Advanced Search based on this list
6938 krb5 and ldap signed traffic
7532 Improve support for large kvnos
7790 Make cross-realm S4U2Self work
7804 Can't write to file ccache with OPENCLOSE unset
7903 Remove des3 and arcfour from supported_enctypes
7991 kadmin should have a script-friendly mode
8002 Fix KCM ccache per-type cursor
8021 SPNEGO clients should not try IAKERB by default
8022 klist -s only looks for TGTs
8023 Use OFD locks where available
8025 krb5 gss_inquire_context doesn't work with partially established context
8026 Use stdio reads, O_APPEND writes in FILE ccache
8027 Client RPC timeout during kadmin listprincs command
8030 Add support for directories in profile paths
8046 Add new error message wrapping APIs
8047 Add err_fmt profile parameter
8048 Remove ksu -D flag documentation
8052 Include file ccache name in error messages
8062 Fix const correctness on krb5_c_fx_cf2_simple()
8123 Check timestamp in PKINIT kdcpreauth module
8124 Use preauth timestamp in PKINIT clpreauth module
8139 SIGNTICKET creation and verification doesn't always use the right key
8152 gss_acquire_cred_with_password() ignores expired creds
8157 Authentication indicator support
8161 kpropd -t (runonce) doesn't work for full dumps
8163 python test issues
8164 Avoid unnecessary iprop full resyncs after resets
8171 kadm5_hook does not have rename method
8198 Support SNI in MS-KKDCP client
8199 Only include one key in etype-info
8200 Add client_keyblock kdcpreauth callback
8213 Policy extensions in 1.11 break iprop dump compatibility
8215 Unify KDB principal flag specifiers
8217 Limit use of deprecated krb5 mech OIDs
8219 Conditionalize iprop stderr output in kadmind
8221 Fail during configure if stdint.h missing
8225 Improve krb5_cccol_have_content() error messages
8227 Allow missing authenticator checksum with GSSAPI
8228 Add krb5_c_prfplus() and krb5_c_derive_prfplus()
8233 Add secure cookie support
8234 Add etype-info2 to MORE_PREAUTH_DATA_REQUIRED
8235 Resolve krb5 GSS creds if time_rec is requested
8236 Update SPNEGO hintName value to current spec
8242 Improve PKINIT OpenSSL error reporting
8243 Add tabular dump capability to kdb5_util
8244 SPNEGO and IAKERB context aliasing bugs [CVE-2015-2695][CVE-2015-2696]
8245 kerberos.ldif file has malformed entries
8246 Fix error mappings for IOV MIC mechglue funcs
8251 Fix kadmin with e2fsprogs libss
8252 Fix build_principal memory bug [CVE-2015-2697]
8253 Fix minor utf8-to-ucs2s read overrun bug
8254 use appropriate default for krb5_cv_sys_rcdir when cross-compiling
8255 Define error status GSS_S_BAD_MIC
8256 Fix typo in GSS_S_UNAUTHORIZED error message
8257 Fix gss_inquire_names_for_mech() on MS krb5 mech
8258 Correct GSS major code for non-default QOP values
8259 Check output params on GSS OID set functions
8260 Fix gss_store_cred() minor code on acceptor cred
8262 Set plugin_base_dir for kadmin tests
8264 kdb_check test target uses installed message catalog
8266 Installed krb5.conf files can affect test suite
8267 unsetenv() returns void
8268 krb5 gss_accept_sec_context() does not allow clock skew
8269 Accept new passwords as const char pointers
8271 Zap secure cookie contents when freeing
8273 Fix IAKERB context export/import [CVE-2015-2698]