system environment/libraries

krb5 - The Kerberos network authentication system.

Website: http://web.mit.edu/kerberos/www/
License: MIT, freely distributable.
Vendor: Red Hat, Inc.
Description:
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.

Packages

krb5-1.6.1-71.el5_10.1.src [15.0 MiB] Changelog by Nalin Dahyabhai (2014-05-06):
- add patch based on one from Filip Krska to not call poll() with a negative
  timeout when the caller's intent is for us to just stop calling it (#1089732)
krb5-1.6.1-70.el5_9.2.src [15.0 MiB] Changelog by Nalin Dahyabhai (2013-06-06):
- rebuild, correcting changelog version/release identifiers
krb5-1.6.1-70.el5.src [15.0 MiB] Changelog by Nalin Dahyabhai (2011-12-28):
- add upstream patch for telnetd buffer overflow (CVE-2011-4862, #770351)
krb5-1.6.1-63.el5_7.src [15.0 MiB] Changelog by Huzaifa Sidhpurwala (2011-12-28):
- Fix for CVE-2011-4862
krb5-1.6.1-63.el5.src [15.0 MiB] Changelog by Huzaifa Sidhpurwala (2011-12-28):
- Fix for CVE-2011-4862
krb5-1.6.1-62.el5.src [15.0 MiB] Changelog by Nalin Dahyabhai (2011-06-18):
- incorporate a fix to teach the file labeling bits about when replay caches
  are expunged (#712453)
krb5-1.6.1-55.el5_6.2.src [15.0 MiB] Changelog by Nalin Dahyabhai (2011-06-18):
- incorporate a fix to teach the file labeling bits about when replay caches
  are expunged (#714188)
krb5-1.6.1-55.el5_6.1.src [15.0 MiB] Changelog by Nalin Dahyabhai (2011-01-21):
- add upstream patch to fix hang or crash in the KDC when using the LDAP kdb
  backend (CVE-2011-0281, CVE-2011-0282, #671096)
krb5-1.6.1-55.el5.src [15.0 MiB] Changelog by Nalin Dahyabhai (2010-12-01):
- incorporate upstream patch for checksum acceptance issues from
  MITKRB5-SA-2010-007 (CVE-2010-1323, #652308)
krb5-1.6.1-36.el5_5.6.src [15.0 MiB] Changelog by Nalin Dahyabhai (2010-11-13):
- incorporate candidate patch for checksum acceptance issues from
  MITKRB5-SA-2010-007 (CVE-2010-1323, #652307)
krb5-1.6.1-36.el5_5.5.src [15.0 MiB] Changelog by Nalin Dahyabhai (2010-07-17):
- ksu: perform PAM account and session management before dropping privileges
  to those of the target user (#602967, #615261)
krb5-1.6.1-36.el5_5.4.src [15.0 MiB] Changelog by Nalin Dahyabhai (2010-05-05):
- add candidate patch to correct KDC null pointer dereference which
  could be triggered by malformed client requests (CVE-2010-1321, #583703)
krb5-1.6.1-36.el5_5.2.src [15.0 MiB] Changelog by Nalin Dahyabhai (2010-03-31):
- add upstream patch to fix a few use-after-free bugs, including one in
  kadmind (CVE-2010-0629, #578185)
krb5-1.6.1-36.el5_4.1.src [15.0 MiB] Changelog by Nalin Dahyabhai (2009-12-11):
- add candidate patch to correct KDC integer overflows which could be
  triggered by malformed RC4 and AES ciphertexts (CVE-2009-4212, #546347)
krb5-1.6.1-36.el5.src [15.0 MiB] Changelog by Nalin Dahyabhai (2009-05-20):
- add an auth stack to ksu's PAM configuration so that it can successfully
  pam_setcred()
krb5-1.6.1-31.el5_3.3.src [14.9 MiB] Changelog by Nalin Dahyabhai (2009-04-04):
- update to revised patch for CVE-2009-0844/CVE-2009-0845
krb5-1.6.1-31.el5.src [15.0 MiB] Changelog by Nalin Dahyabhai (2008-11-26):
- add a backported patch which adds a check on credentials obtained from
  a foreign realm to make sure that they're of an acceptable type, and
  if not, retry to the request to get one of the right type (Sadique Puthen,
krb5-1.6.1-25.el5_2.2.src [15.0 MiB] Changelog by Nalin Dahyabhai (2008-12-04):
- add a backported patch which adds a check on credentials obtained from
  the KDC to make sure that they're of an acceptable type, and if not, retry to
  the request to get one of the right type (Sadique Puthen, #473104)
krb5-1.6.1-25.el5_2.1.src [15.0 MiB] Changelog by Nalin Dahyabhai (2008-09-12):
- backport fix from 1.6.3 to abort a sequential scan of a keytab if the
  handle to the keytab has become invalidated during the scan (via Vince
  Worthington, #461908)
krb5-1.6.1-25.el5.src [15.0 MiB] Changelog by Nalin Dahyabhai (2008-03-06):
- add preliminary patch to fix use of uninitialized pointer / double-free in
  KDC (CVE-2008-0062,CVE-2008-0063) (#432620, #432621)
- add backported patch to fix use-after-free in libgssapi_krb5 (CVE-2007-5901)
  (#415321)
- add backported patch to fix double-free in libgssapi_krb5 (CVE-2007-5971)
  (#415351)
- add preliminary patch to fix incorrect handling of high-numbered descriptors
  in the RPC library (CVE-2008-0947) (#433596)
krb5-1.6.1-17.el5.src [14.9 MiB] Changelog by Nalin Dahyabhai (2007-09-12):
- ftpd: also do PAM session and credential management when ftp clients use
  strong authentication (#286291)
krb5-1.5-28.src [10.5 MiB] Changelog by Nalin Dahyabhai (2007-08-16):
- add preliminary patch to fix buffer overflow in rpcsec_gss implementation
  in libgssrpc (#250973, CVE-2007-3999) and write through uninitialized
  pointer in kadmind (#250976, CVE-2007-4000)
krb5-1.5-26.src [10.5 MiB] Changelog by Nalin Dahyabhai (2007-06-02):
- add patch to fix buffer overflow in kadmind (#239073, CVE-2007-2798)
krb5-1.5-23.src [10.5 MiB] Changelog by Nalin Dahyabhai (2007-03-20):
- fix bug ID in changelog
krb5-1.5-17.src [10.5 MiB] Changelog by Nalin Dahyabhai (2007-01-17):
- move to using pregenerated PDF docs to cure multilib conflicts (#222721)

Listing created by Repoview-0.6.6-1.el6