RT RT/krbdev.mit.edu: Bugs fixed in krb5-1.8.4 Not logged in.

Total: 15
Advanced Search based on this list
6701 syntax error in src/plugins/kdb/ldap/libkdb_ldap/kerberos.ldif
6764 has_mandatory_for_kdc_authdata checks only first authdata element
6768 GSSAPI forwarded credentials must be encrypted in session key
6790 skip invalid enctypes instead of erroring out in krb5_dbe_def_search_enctype
6797 CVE-2010-1322 KDC uninitialized pointer crash in authorization data handling (MITKRB5-SA-2010-006)
6798 set NT-SRV-INST on TGS principal names
6833 SA-2010-007 Checksum vulnerabilities (CVE-2010-1324 and others)
6843 handle MS PACs that lack server checksum
6853 Make gss_krb5_set_allowable_enctypes work for the acceptor (1.8 pullup)
6861 kpropd denial of service [MITKRB5-SA-2011-001 CVE-2010-4022]
6862 KDC denial of service attacks [MITKRB5-SA-2011-002 CVE-2011-0281 CVE-2011-0282]
6876 hmac-md5 checksum doesn't work with DES keys
6877 Don't reject AP-REQs based on PACs
6882 KDC double-free when PKINIT enabled [MITKRB5-SA-2011-003 CVE-2011-0284]
6900 kadmind frees invalid pointer [MITKRB5-SA-2011-004 CVE-2011-0285]