From 5214e3599de2ba4e326d0164e392f9159ed13950 Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Sat, 22 Mar 2008 01:12:24 +0000 Subject: [PATCH] README and patchlevel for krb5-1.6.4-beta1 git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@20286 dc483132-0cff-0310-8789-dd5450dbe970 --- README | 60 +++++++++++++++++++++++++++++++++++++++++++----- src/patchlevel.h | 8 +++---- 2 files changed, 58 insertions(+), 10 deletions(-) diff --git a/README b/README index 48e61b42a..62570df12 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ - Kerberos Version 5, Release 1.6.3 + Kerberos Version 5, Release 1.6.4 Release Notes The MIT Kerberos Team @@ -7,20 +7,20 @@ Unpacking the Source Distribution --------------------------------- The source distribution of Kerberos 5 comes in a gzipped tarfile, -krb5-1.6.3.tar.gz. Instructions on how to extract the entire +krb5-1.6.4.tar.gz. Instructions on how to extract the entire distribution follow. If you have the GNU tar program and gzip installed, you can simply do: - gtar zxpf krb5-1.6.3.tar.gz + gtar zxpf krb5-1.6.4.tar.gz If you don't have GNU tar, you will need to get the FSF gzip distribution and use gzcat: - gzcat krb5-1.6.3.tar.gz | tar xpf - + gzcat krb5-1.6.4.tar.gz | tar xpf - -Both of these methods will extract the sources into krb5-1.6.3/src and -the documentation into krb5-1.6.3/doc. +Both of these methods will extract the sources into krb5-1.6.4/src and +the documentation into krb5-1.6.4/doc. Building and Installing Kerberos 5 ---------------------------------- @@ -59,6 +59,54 @@ http://krbdev.mit.edu/rt/ and logging in as "guest" with password "guest". +Major changes in krb5-1.6.4 +--------------------------- + +[5880] Fix long-standing bug in libdb btree page splits that could + cause database corruption under unusual circumstances. This + is believed to be one of the major causes of unexplained + database corruption events reported to us over many years. + +[5918] Fix MITKRB5-SA-2008-002 rpc/svc.c file descriptor array + overrun. [CVE-2008-0947] + +[5919] Fix MITKRB5-SA-2008-001 double-free in KDC krb4 code + [CVE-2008-0062], and uninitialized data in KDC krb4 code. + [CVE-2008-0063] + +krb5-1.6.4 changes by ticket ID +------------------------------- + +5752 gcc -fworking-directory breaks make depend +5777 keytab iteration + search don't mix +5830 src/plugins/preauth/pkinit/configure.in erroneous + AC_CHECK_FUNCS +5842 NIM 1.3.1 - Show Network Identity Manager Window bug +5851 KFW BUG: WIX: 64-bit installer attempts to uninstall 32-bit + NSIS +5852 copy correct key for lucid context acceptor_subkey +5853 apparent uninit length in ftpd.c:reply() [CVE-2007-5894] +5854 freeing non-heap in gss_indicate_mechs() [CVE-2007-5901] +5855 integer overflow in svcauth_gss_get_principal() + [CVE-2007-5902] +5856 double-free in gss_krb5int_make_seal_token_v3() + [CVE-2007-5971] +5857 double fclose() in krb5_def_store_mkey() [CVE-2007-5972] +5858 KFW: BUG: KRB5CRED: Set identity data before sending + notification +5875 Windows: avoid use of cygwin mkdir and rmdir commands +5879 Actually pass the nmake arguments to nmake +5880 libdb btree page split on zero index corrupts db +5888 more tests for libdb btree page split on zero index +5892 man page macro and hyphen fixes +5893 krb5_get_cred_from_kdc_opt does not preserve NUL-terminated + realm data +5897 Possible memory leak in krb5_mcc_resolve +5918 MITKRB5-SA-2008-002 rpc/svc.c descriptor array overrun + [CVE-2008-0947] +5919 MITKRB5-SA-2008-001 kdc krb4 double-free [CVE-2008-0062], + uninit data [CVE-2008-0063] vulns + Major changes in krb5-1.6.3 --------------------------- diff --git a/src/patchlevel.h b/src/patchlevel.h index 7e03467fe..0a599d12c 100644 --- a/src/patchlevel.h +++ b/src/patchlevel.h @@ -1,7 +1,7 @@ /* * patchlevel.h * - * Copyright (C) 2004-2006 by the Massachusetts Institute of Technology. + * Copyright (C) 2004-2008 by the Massachusetts Institute of Technology. * All rights reserved. * * Export of this software from the United States of America may @@ -52,7 +52,7 @@ */ #define KRB5_MAJOR_RELEASE 1 #define KRB5_MINOR_RELEASE 6 -#define KRB5_PATCHLEVEL 3 -#define KRB5_RELTAIL "postrelease" +#define KRB5_PATCHLEVEL 4 +#define KRB5_RELTAIL "beta1" /* #undef KRB5_RELDATE */ -#define KRB5_RELTAG "branches/krb5-1-6" +#define KRB5_RELTAG "tags/krb5-1-6-4-beta1" -- 2.26.2