| Id | Subject
|
| 1219 |
mechanism to delete old keys should exist |
| 2032 |
No advanced warning of password expiry |
| 5014 |
kadmin (and other utilities) should report enctypes as it takes them |
| 6647 |
Memory leak in kdc |
| 6672 |
Python test framework |
| 6679 |
Lazy history key creation |
| 6684 |
Simple kinit verbosity patch |
| 6686 |
IPv6 support for kprop and kpropd |
| 6688 |
mit-krb5-1.7 fails to compile against openssl-1.0.0 |
| 6699 |
Validate and renew should work on non-TGT creds |
| 6700 |
Introduce new krb5_tkt_creds API |
| 6712 |
Add IAKERB mechanism and gss_acquire_cred_with_password |
| 6714 |
[patch] fix format errors in krb5-1.8.1 |
| 6715 |
cksum_body exports |
| 6719 |
Add lockout-related performance tuning variables |
| 6720 |
Negative enctypes improperly read from keytabs |
| 6723 |
Negative enctypes improperly read from ccaches |
| 6733 |
Make signedpath authdata visible via GSS naming exts |
| 6736 |
Add krb5_enctype_to_name() API |
| 6737 |
Trace logging |
| 6746 |
Make kadmin work over IPv6 |
| 6749 |
DAL improvements |
| 6753 |
Fix XDR decoding of large values in xdr_u_int |
| 6755 |
Add GIC option for password/account expiration callback |
| 6758 |
Allow krb5_gss_register_acceptor_identity to unset keytab name |
| 6760 |
Fail properly when profile can't be accessed |
| 6761 |
add profile include support |
| 6762 |
key expiration computed incorrectly in libkdb_ldap |
| 6763 |
New plugin infrastructure |
| 6765 |
Password quality pluggable interface |
| 6769 |
clean up memory leak and potential unused variable in crypto tests |
| 6771 |
Fix memory leaks in kdb5_verify |
| 6772 |
Ensure valid key in krb5int_yarrow_cipher_encrypt_block |
| 6774 |
pkinit client cert matching can be disrupted by one of the candidate certs |
| 6775 |
pkinit <KU> evaluation during certificate matching may fail |
| 6776 |
Typos in src/plugins/preauth/pkinit/pkinit_crypto_openssl.c |
| 6777 |
Segmentation fault in krb library (sn2princ.c) if realm not resolved |
| 6778 |
kdb: store mkey list in context and permit NULL mkey for kdb_dbe_decrypt_key_data |
| 6779 |
kinit: add KDB keytab support |
| 6783 |
KDC worker processes feature |
| 6784 |
relicense Sun RPC to 3-clause BSD-style |
| 6785 |
Add gss_krb5_import_cred |
| 6786 |
kpasswd: if a credential cache is present, use FAST |
| 6787 |
S4U memory leak |
| 6791 |
kadm5_hook: new plugin interface |
| 6792 |
Implement k5login_directory and k5login_authoritative options |
| 6793 |
acquire_init_cred leaks interned name |
| 6794 |
krb5.conf manpage missing reference to rdns setting |
| 6795 |
Propagate modprinc -unlock from master to slave KDCs |
| 6796 |
segfault due to uninitialized variable in S4U |
| 6799 |
Performance issue in LDAP policy fetch |
| 6801 |
Fix leaks in get_init_creds interface |
| 6802 |
copyright notice updates |
| 6804 |
Remove KDC replay cache |
| 6805 |
securID code fixes |
| 6806 |
securID error handling fix |
| 6807 |
SecurID build support |
| 6809 |
gss_krb5int_make_seal_token_v3_iov fails to set conf_state |
| 6810 |
Better libk5crypto NSS fork safety |
| 6811 |
Mark Camellia-CCM code as experimental |
| 6812 |
krb5_get_credentials should not fail due to inability to store a credential in a cache |
| 6815 |
Failed kdb5_util load removes real database |
| 6819 |
Handle referral realm in kprop client principal |
| 6820 |
Read KDC profile settings in kpropd |
| 6822 |
Implement Camellia-CTS-CMAC instead of Camellia-CCM |
| 6823 |
getdate.y: declare yyparse |
| 6824 |
Export krb5_tkt_creds_get |
| 6825 |
Add missing KRB5_CALLCONV in callback declaration |
| 6826 |
Fix Windows build |
| 6827 |
SA-2010-007 Checksum vulnerabilities (CVE-2010-1324 and others) |
| 6828 |
Install kadm5_hook_plugin.h |
| 6829 |
Implement restrict_anonymous_to_tgt realm flag |
| 6838 |
Regression in renewable handling |
| 6839 |
handle MS PACs that lack server checksum |
| 6840 |
typo in plugin-related error message |
| 6841 |
memory leak in changepw.c |
| 6842 |
Ensure time() is prototyped in g_accept_sec_context.c |
