RT RT/krbdev.mit.edu: Bugs fixed in krb5-1.9 Not logged in.

Total: 78
Advanced Search based on this list
IdSubject
155 security concern with using home directory for .k5login
1219 mechanism to delete old keys should exist
2032 No advanced warning of password expiry
5014 kadmin (and other utilities) should report enctypes as it takes them
6647 Memory leak in kdc
6672 Python test framework
6679 Lazy history key creation
6684 Simple kinit verbosity patch
6686 IPv6 support for kprop and kpropd
6688 mit-krb5-1.7 fails to compile against openssl-1.0.0
6699 Validate and renew should work on non-TGT creds
6700 Introduce new krb5_tkt_creds API
6712 Add IAKERB mechanism and gss_acquire_cred_with_password
6714 [patch] fix format errors in krb5-1.8.1
6715 cksum_body exports
6719 Add lockout-related performance tuning variables
6720 Negative enctypes improperly read from keytabs
6723 Negative enctypes improperly read from ccaches
6733 Make signedpath authdata visible via GSS naming exts
6736 Add krb5_enctype_to_name() API
6737 Trace logging
6746 Make kadmin work over IPv6
6749 DAL improvements
6753 Fix XDR decoding of large values in xdr_u_int
6755 Add GIC option for password/account expiration callback
6758 Allow krb5_gss_register_acceptor_identity to unset keytab name
6760 Fail properly when profile can't be accessed
6761 add profile include support
6762 key expiration computed incorrectly in libkdb_ldap
6763 New plugin infrastructure
6765 Password quality pluggable interface
6769 clean up memory leak and potential unused variable in crypto tests
6771 Fix memory leaks in kdb5_verify
6772 Ensure valid key in krb5int_yarrow_cipher_encrypt_block
6774 pkinit client cert matching can be disrupted by one of the candidate certs
6775 pkinit <KU> evaluation during certificate matching may fail
6776 Typos in src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
6777 Segmentation fault in krb library (sn2princ.c) if realm not resolved
6778 kdb: store mkey list in context and permit NULL mkey for kdb_dbe_decrypt_key_data
6779 kinit: add KDB keytab support
6783 KDC worker processes feature
6784 relicense Sun RPC to 3-clause BSD-style
6785 Add gss_krb5_import_cred
6786 kpasswd: if a credential cache is present, use FAST
6787 S4U memory leak
6791 kadm5_hook: new plugin interface
6792 Implement k5login_directory and k5login_authoritative options
6793 acquire_init_cred leaks interned name
6794 krb5.conf manpage missing reference to rdns setting
6795 Propagate modprinc -unlock from master to slave KDCs
6796 segfault due to uninitialized variable in S4U
6799 Performance issue in LDAP policy fetch
6801 Fix leaks in get_init_creds interface
6802 copyright notice updates
6804 Remove KDC replay cache
6805 securID code fixes
6806 securID error handling fix
6807 SecurID build support
6809 gss_krb5int_make_seal_token_v3_iov fails to set conf_state
6810 Better libk5crypto NSS fork safety
6811 Mark Camellia-CCM code as experimental
6812 krb5_get_credentials should not fail due to inability to store a credential in a cache
6815 Failed kdb5_util load removes real database
6819 Handle referral realm in kprop client principal
6820 Read KDC profile settings in kpropd
6822 Implement Camellia-CTS-CMAC instead of Camellia-CCM
6823 getdate.y: declare yyparse
6824 Export krb5_tkt_creds_get
6825 Add missing KRB5_CALLCONV in callback declaration
6826 Fix Windows build
6827 SA-2010-007 Checksum vulnerabilities (CVE-2010-1324 and others)
6828 Install kadm5_hook_plugin.h
6829 Implement restrict_anonymous_to_tgt realm flag
6838 Regression in renewable handling
6839 handle MS PACs that lack server checksum
6840 typo in plugin-related error message
6841 memory leak in changepw.c
6842 Ensure time() is prototyped in g_accept_sec_context.c