From c7f0d18b61e506e85d6b5bff3900663583d240c6 Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Tue, 9 Jan 2007 23:59:38 +0000 Subject: [PATCH] README and patchlevel.h for krb5-1.6 git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19046 dc483132-0cff-0310-8789-dd5450dbe970 --- README | 32 ++++++++++++++++++++++++++++++-- src/patchlevel.h | 4 ++-- 2 files changed, 32 insertions(+), 4 deletions(-) diff --git a/README b/README index aff0f537c..ea0fe3c34 100644 --- a/README +++ b/README @@ -59,8 +59,8 @@ http://krbdev.mit.edu/rt/ and logging in as "guest" with password "guest". -Major changes in 1.6 ----------------------- +Major changes in krb5-1.6 +------------------------- * Partial client implementation to handle server name referrals. @@ -68,6 +68,15 @@ Major changes in 1.6 * LDAP KDB plug-in, donated by Novell. +* Fix for MITKRB5-SA-2006-002: the RPC library could call an + uninitialized function pointer, which created a security + vulnerability for kadmind. + +* Fix for MITKRB5-SA-2006-003: the GSS-API mechglue layer could fail + to initialize some output pointers, causing callers to attempt to + free uninitialized pointers. This caused a security vulnerability + in kadmind. + Note that the implementation of referral handling involves a change to the behavior of krb5_sname_to_principal() to return a zero-length realm name if it is unable to find the realm corresponding to the 
@@ -78,6 +87,17 @@ particular method of implementing service principal name referral handling may change in the future; we invite discussion on this subject. +Major known bugs in krb5-1.6 +---------------------------- + +5293 crash creating db2 database in non-existent directory + + Attempting to create a KDB in a non-existent directory using the + Berkeley DB back end may cause a crash resulting from a null pointer + dereference. If a core dump occurs, this may cause a local exposure + of sensitive information such a master key password. This wil be + fixed in an upcoming patch release. + krb5-1.6 changes by ticket ID ----------------------------- @@ -197,6 +217,14 @@ for a current listing with links to the complete tickets. 5125 Add -clearpolicy to kadmin addprinc usage 5152 misc cleanups in admin guide ldap sections 5159 don't split HTML output from makeinfo +5223 Fix typo in user-guide.texinfo +5245 Repair broken links in NetIdMgr Help +5260 Deletion of principal fails +5265 update ldap/Makefile.in for newer autoconf substitution requirements +5271 Document KDC behavior without stash file +5279 Document what the kadmind ACL is for +5301 MITKRB5-SA-2006-002: svctcp_destroy() can call uninitialized function pointer +5302 MITKRB5-SA-2006-003: mechglue argument handling too lax Copyright and Other Legal Notices --------------------------------- diff --git a/src/patchlevel.h b/src/patchlevel.h index ae18306d9..10fb989d2 100644 --- a/src/patchlevel.h +++ b/src/patchlevel.h @@ -53,6 +53,6 @@ #define KRB5_MAJOR_RELEASE 1 #define KRB5_MINOR_RELEASE 6 #define KRB5_PATCHLEVEL 0 -#define KRB5_RELTAIL "beta2-postrelease" +/* #undef KRB5_RELTAIL */ /* #undef KRB5_RELDATE */ -#define KRB5_RELTAG "branches/krb5-1-6" +#define KRB5_RELTAG "tags/krb5-1-6-final" -- 2.26.2
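Review bot: In the README hunk at @@ -68,6 +68,15, the two MITKRB5-SA bullets are inserted between the feature bullets and the paragraph beginning "Note that the implementation of referral handling", so that note now reads as if it follows from the kadmind fixes rather than from the referral bullet it explains. Consider placing the security fixes after the referral note, or under their own short heading. Each bullet could also cite its ticket number (5301 and 5302, as listed in the by-ticket section of this same patch) so readers can match the summary to the ticket entries.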
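Review bot: The new "Major known bugs in krb5-1.6" entry in the README hunk at @@ -78,6 +87,17 has two typos in text that ships in a release README: "such a master key password" should read "such as a master key password", and "This wil be" should read "This will be". Since the entry says a core dump may expose the master key password locally, it would also help to state the workaround implied by the trigger, namely making sure the target directory exists before creating the database, so administrators are not left waiting on the patch release.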
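Review bot: In the src/patchlevel.h hunk, KRB5_RELTAG is set to "tags/krb5-1-6-final" and KRB5_RELTAIL is commented out, but the git-svn-id in the commit header shows this commit landing on branches/krb5-1-6. Unless a follow-up commit restores a postrelease KRB5_RELTAIL and the branch KRB5_RELTAG right after tagging, later builds from the branch will report themselves as the final 1.6 release, which makes it harder to tell from a version string whether a deployed binary includes post-release security fixes. Please confirm the follow-up is planned, or note it in the commit message.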