From cf3377d75d3e8df54be85faa9b37e319559aa191 Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Tue, 25 Oct 2011 19:58:29 +0000 Subject: [PATCH] README and patchlevel.h for krb5-1.8.5-beta1 git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@25415 dc483132-0cff-0310-8789-dd5450dbe970 --- README | 22 ++++++++++++++++++++++ src/patchlevel.h | 6 +++--- 2 files changed, 25 insertions(+), 3 deletions(-) diff --git a/README b/README index 920b7d47f..745bc0d96 100644 --- a/README +++ b/README @@ -87,6 +87,24 @@ Major changes in 1.8.4 This is primarily a bugfix release. +* Fix MITKRB5-SA-2011-006 KDC denial of service vulnerabilities + [CVE-2011-1528 CVE-2011-1529 CVE-2011-4151]. + +krb5-1.8.4 changes by ticket ID +------------------------------- + +6925 Memory leak in save_error_string_nocopy() +6926 work around Dejagnu failure on modern Tcl +6983 SA-2011-006 KDC denial of service [CVE-2011-1527 CVE-2011-1528 + CVE-2011-1529] +6984 modernize doc/Makefile somewhat +6991 fix tar invocation in mkrel + +Major changes in 1.8.4 +---------------------- + +This is primarily a bugfix release. + * Fix vulnerabilities: ** KDC uninitialized pointer crash [MITKRB5-SA-2010-006 CVE-2010-1322] ** kpropd denial of service [MITKRB5-SA-2011-001 CVE-2010-4022] @@ -397,6 +415,7 @@ Past and present Sponsors of the MIT Kerberos Consortium: Columbia University Cornell University The Department of Defense of the United States of America (DoD) + Fidelity Investments Google Iowa State University MIT @@ -431,6 +450,7 @@ Past and present members of the Kerberos Team at MIT: Mark Colan Don Davis Alexandra Ellwood + Carlos Garay Dan Geer Nancy Gilman Matt Hancher @@ -445,6 +465,7 @@ Past and present members of the Kerberos Team at MIT: Kevin Koch John Kohl HaoQi Li + Jonathan Lin Peter Litwack Scott McGuire Steve Miller @@ -530,6 +551,7 @@ reports, suggestions, and valuable resources: Jan iankko Lieskovsky Kevin Longfellow Ryan Lynch + Nathaniel McCallum Cameron Meadors Franklyn Mendez Markus Moeller diff --git a/src/patchlevel.h b/src/patchlevel.h index b1f6ab103..355385f26 100644 --- a/src/patchlevel.h +++ b/src/patchlevel.h @@ -52,7 +52,7 @@ */ #define KRB5_MAJOR_RELEASE 1 #define KRB5_MINOR_RELEASE 8 -#define KRB5_PATCHLEVEL 4 -#define KRB5_RELTAIL "postrelease" +#define KRB5_PATCHLEVEL 5 +#define KRB5_RELTAIL "beta1" /* #undef KRB5_RELDATE */ -#define KRB5_RELTAG "branches/krb5-1-8" +#define KRB5_RELTAG "tags/krb5-1-8-5-beta1" -- 2.26.2