| Id | Subject
|
| 5442 |
memory leak in gss_accept_sec_context() |
| 5544 |
typo in krb5.conf man page |
| 5605 |
NIM: BUG: APP: Advanced View update problem on Vista |
| 5632 |
kinit should not fail when krb5conf is missing |
| 5745 |
NIM: FEATURE: KRB5: extended krb5 error support |
| 5752 |
gcc -fworking-directory breaks make depend |
| 5777 |
keytab iteration + search don't mix |
| 5830 |
src/plugins/preauth/pkinit/configure.in erroneous AC_CHECK_FUNCS |
| 5839 |
fix krb5_string_to_keysalts() string processing infinite loop and default keysalt type |
| 5840 |
Prevent kadm5_decrypt_key() from coercing the keytype if the requested ktype == -1 |
| 5842 |
NIM 1.3.1 - Show Network Identity Manager Window bug |
| 5851 |
KFW BUG: WIX: 64-bit installer attempts to uninstall 32-bit NSIS |
| 5852 |
copy correct key for lucid context acceptor_subkey |
| 5853 |
apparent uninit length in ftpd.c:reply() [CVE-2007-5894] |
| 5854 |
freeing non-heap in gss_indicate_mechs() [CVE-2007-5901] |
| 5855 |
integer overflow in svcauth_gss_get_principal() [CVE-2007-5902] |
| 5856 |
double-free in gss_krb5int_make_seal_token_v3() [CVE-2007-5971] |
| 5857 |
double fclose() in krb5_def_store_mkey() [CVE-2007-5972] |
| 5858 |
KFW: BUG: KRB5CRED: Set identity data before sending notification |
| 5875 |
Windows: avoid use of cygwin mkdir and rmdir commands |
| 5879 |
Actually pass the nmake arguments to nmake |
| 5880 |
libdb btree page split on zero index corrupts db |
| 5888 |
more tests for libdb btree page split on zero index |
| 5892 |
man page macro and hyphen fixes |
| 5893 |
krb5_get_cred_from_kdc_opt does not preserve NUL-terminated realm data |
| 5895 |
mutex locking issues in memory ccaches |
| 5897 |
Possible memory leak in krb5_mcc_resolve |
| 5918 |
MITKRB5-SA-2008-002 rpc/svc.c descriptor array overrun [CVE-2008-0947] |
| 5919 |
MITKRB5-SA-2008-001 kdc krb4 double-free [CVE-2008-0062], uninit data [CVE-2008-0063] vulns |
| 5924 |
Non-unique microseconds in TGS_REQ authenticator causing KRB5KRB_AP_ERR_REPEAT Request is a replay |
| 5933 |
Coverity CID 101: Fix minor bounds check error. |
| 5936 |
gss_accept_sec_context() returns minor_status == 0 if arg3 == GSS_C_NO_CREDENTIAL |
| 5944 |
fix possible buffer overrun in handling generic-error return |
| 5953 |
Properly escape - in kdb5_ldap_util man page |
| 5980 |
krb5_cc_default_name() can return NULL, but is passed directly to strcmp() (causing crash) |
| 5994 |
fix possible but unlikely leak, bad memory refs in gssapi auth |
| 5995 |
fix off-by-one error in FD_SETSIZE check in sendto_kdc.c |
| 5996 |
fix free of automatic storage |
| 5997 |
misc memory leaks |
| 5998 |
use-after-free bugs [CVE-2010-0629] |
| 6018 |
Support for recovering from broken rcache |
| 6022 |
add copyright to lib/crypto/enc_provider/aes.c |
| 6028 |
kdb5_util references uninitialized progname |
| 6030 |
kdb5_util/kdb5_ldap_util core dumps and prints incorrect progname on error paths |
| 6033 |
krb5_get_cred_via_tkt() should null out_cred on errors |
| 6040 |
Assign fixed ordinals to comerr32.dll exports |
| 6046 |
NIM: dynimport should include krb5_*_error_message() functions |
| 6047 |
NIM: kherr should keep track of first error instead of last |
| 6053 |
fix possible uninit variable use in error path |
| 6064 |
fix cleanup code in allocating preauth info |
| 6065 |
bad free in kprop |
| 6426 |
CVE-2009-0845 (1.6.x) SPNEGO can dereference a null pointer |
| 6433 |
Ticket 5995 (r20586) broke ticket acquistion on Microsoft Windows |
| 6446 |
CVE-2009-0844 (1.6.x) SPNEGO can read beyond buffer end |
| 6447 |
CVE-2009-0847 (1.6.x) asn1buf_imbed incorrect length validatin |
| 6448 |
CVE-2009-0846 (1.6.x) asn1_decode_generaltime can free uninitialized pointer |
| 6531 |
include win-mac.h in gssftp/ftp/cmds.c for HAVE_STDLIB_H |
| 6535 |
jumbo pullup for kfw-3.2.3-alpha1 |
| 6638 |
MITKRB5-SA-2009-004 [CVE-2009-4212] integer underflow in AES and RC4 decryption |
