rpms/pam_krb5/F-10 pam_krb5.spec,1.65,1.66 sources,1.53,1.54
Nalin Dahyabhai
nalin at fedoraproject.org
Tue Jun 9 22:20:21 UTC 2009
Author: nalin
Update of /cvs/pkgs/rpms/pam_krb5/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28368/F-10
Modified Files:
pam_krb5.spec sources
Log Message:
- update to 2.3.5 to fix CVE-2009-1384
Index: pam_krb5.spec
===================================================================
RCS file: /cvs/pkgs/rpms/pam_krb5/F-10/pam_krb5.spec,v
retrieving revision 1.65
retrieving revision 1.66
diff -u -p -r1.65 -r1.66
--- pam_krb5.spec 1 Oct 2008 19:27:38 -0000 1.65
+++ pam_krb5.spec 9 Jun 2009 22:19:50 -0000 1.66
@@ -1,11 +1,11 @@
Summary: A Pluggable Authentication Module for Kerberos 5.
Name: pam_krb5
-Version: 2.3.2
+Version: 2.3.5
Release: 1%{?dist}
Source0: pam_krb5-%{version}-1.tar.gz
License: BSD or LGPLv2+
Group: System Environment/Base
-BuildPrereq: gettext
+URL: https://fedorahosted.org/pam_krb5/
BuildPrereq: keyutils-libs-devel, krb5-devel, pam-devel
BuildRoot: %{_tmppath}/%{name}-root
@@ -49,12 +49,31 @@ sed -ri -e 's|/lib(64)?/|/\$LIB/|g' $RPM
%{_mandir}/man8/*
%doc README* COPYING* ChangeLog NEWS
-# $Id$
%changelog
+* Tue May 26 2009 Nalin Dahyabhai <nalin at redhat.com> - 2.3.5-1
+- catch the case where we pass a NULL initial password into libkrb5 and
+ it uses our callback to ask us for the password for the user using a
+ principal name, and reject that (#502602)
+- always prompt for a password unless we were told not to (#502602,
+ CVE-2009-1384)
+
+* Wed Mar 4 2009 Nalin Dahyabhai <nalin at redhat.com> - 2.3.4-1
+- don't request password-changing credentials with the same options that we
+ use when requesting ticket granting tickets, which might run afoul of KDC
+ policies
+
+* Thu Feb 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.3.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Fri Feb 6 2009 Nalin Dahyabhai <nalin at redhat.com> - 2.3.3-1
+- clean up a couple of debug messages
+
+* Fri Feb 6 2009 Nalin Dahyabhai <nalin at redhat.com>
+- clean up a couple of unclosed pipes to nowhere
+
* Wed Oct 1 2008 Nalin Dahyabhai <nalin at redhat.com> - 2.3.2-1
- fix ccache permissions bypass when the "existing_ticket" option is used
(CVE-2008-3825)
-- add build requirement on "gettext" so that xgettext is available at build-time
* Wed Aug 27 2008 Tom "spot" Callaway <tcallawa at redhat.com> - 2.3.0-2
- fix license tag
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/pam_krb5/F-10/sources,v
retrieving revision 1.53
retrieving revision 1.54
diff -u -p -r1.53 -r1.54
--- sources 1 Oct 2008 19:04:12 -0000 1.53
+++ sources 9 Jun 2009 22:19:50 -0000 1.54
@@ -1 +1 @@
-fe23c3d9b89d173c2c65fec18c06b133 pam_krb5-2.3.2-1.tar.gz
+24978d4b0886e6cc83baa00124937143 pam_krb5-2.3.5-1.tar.gz
More information about the fedora-extras-commits
mailing list