Update README and patchlevel.h for krb5-1.10.3

diff --git a/README b/README
index 814fd33a9045b520cd0a08d5e258a0fd64ba732a..eac5304572fe89837560dba69e4e78acf64cfd44 100644 (file)
--- a/README
+++ b/README
@@ -70,6 +70,46 @@ from using single-DES cryptosystems.  Among these is a configuration
 variable that enables "weak" enctypes, which defaults to "false"
 beginning with krb5-1.8.
 
+Major changes in 1.10.3
+-----------------------
+
+This is a bugfix release.
+
+* Fix KDC uninitialized pointer vulnerabilities that could lead to a
+  denial of service [CVE-2012-1014] or remote code execution
+  [CVE-2012-1015].
+
+* Correctly use default_tgs_enctypes instead of default_tkt_enctypes
+  for TGS requests.
+
+krb5-1.10.3 changes by ticket ID
+--------------------------------
+
+7150    Does not build when CPPFLAGS=-DDEBUG is set.
+7155    default_tgs_enctypes not used for client TGS enctypes
+7185    Fix crash on invalid DIR ccache primary file
+7197    Translate WinSock errors to Posix counterparts
+7198    Implement switch_to for ccapiv3
+7199    Add krb5int_cc_user_set_default_name
+7200    Always recreate acl files during dejagnu tests
+7201    Handle huge /bin directories in libdb2 test
+7203    kfw add preauth_sam2 to OBJS for windows build
+7204    KFW win-mac.h fixes
+7206    Use %i, not %s to Tprintf GetLastError()
+7207    Don't use syslog / LOG_DEBUG when they don't exist
+7208    __func__ -> __FUNCTION__ in disp_status.c
+7209    Define USE_CCAPI_V3 in krb5/ccache on windows
+7210    Remove the UNICODE defines from wshelper
+7212    MSLSA Don't use lstrcpy on ANSI strings
+7213    Implement cccol iterators for mslsa
+7214    krb5_stdccv3_get_principal error handling fixup
+7215    Remove DISABLE_TRACING from windows build
+7226    Fix KDC uninit ptrs [CVE-2012-1014 CVE-2012-1015]
+7227    Fix oid set construction in gss_inquire_cred()
+7228    Further fixes for WSA/Posix error translation
+7230    Add missing quote to install-windows
+7231    Regression tests for CVE-2012-1014, CVE-2012-1015
+
 Major changes in 1.10.2
 -----------------------
 
@@ -490,6 +530,7 @@ reports, suggestions, and valuable resources:
     Mikkel Kruse
     Volker Lendecke
     Jan iankko Lieskovsky
+    Oliver Loch
     Kevin Longfellow
     Ryan Lynch
     Nathaniel McCallum

diff --git a/src/patchlevel.h b/src/patchlevel.h
index c06a1db7bed4641da0d54c7474834c3f3d1ebf21..09312f794e55a3fc977482c3aa47bfcf921649bd 100644 (file)
--- a/src/patchlevel.h
+++ b/src/patchlevel.h
@@ -51,7 +51,7 @@
  */
 #define KRB5_MAJOR_RELEASE 1
 #define KRB5_MINOR_RELEASE 10
-#define KRB5_PATCHLEVEL 2
-#define KRB5_RELTAIL "postrelease"
+#define KRB5_PATCHLEVEL 3
+/* #undef KRB5_RELTAIL */
 /* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "krb5-1.10"
+#define KRB5_RELTAG "krb5-1.10.3-final"