Copyright and Other Notices
---------------------------
-Copyright (C) 1985-2014 by the Massachusetts Institute of Technology
+Copyright (C) 1985-2015 by the Massachusetts Institute of Technology
and its contributors. All rights reserved.
Please see the file named NOTICE for additional notices.
variable that enables "weak" enctypes, which defaults to "false"
beginning with krb5-1.8.
+Major changes in 1.12.3 (2015-02-18)
+------------------------------------
+
+This is a bugfix release. The krb5-1.12 release series is in
+maintenance, and for new deployments, installers should prefer the
+krb5-1.13 release series or later.
+
+* Fix multiple vulnerabilities in the LDAP KDC back end.
+ [CVE-2014-5354] [CVE-2014-5353]
+
+* Fix multiple kadmind vulnerabilities, some of which are based in the
+ gssrpc library. [CVE-2014-5352 CVE-2014-5352 CVE-2014-9421
+ CVE-2014-9422 CVE-2014-9423]
+
+krb5-1.12.3 changes by ticket ID
+--------------------------------
+
+8012 gssapi.dll tries to get initial creds even when some are
+ present
+8013 gssapi.dll fails to detect TGTs in the MSLSA cache when UAC is
+ enabled
+8036 Remove rtm_type_name()
+8064 Add missing salt from enctype in t_kdb.py test
+8067 Fix gss_process_context_token() [CVE-2014-5352]
+8068 Fix kadm5/gssrpc XDR double free [CVE-2014-9421]
+8069 Fix kadmind server validation [CVE-2014-9422]
+8070 Fix gssrpc data leakage [CVE-2014-9423]
+8125 Do not loop on principal unknown errors
+8126 Export function gss_add_cred_with_password
+8127 Check for null *iter_p in profile_iterator()
+8128 Fix OTP tests with pyrad 2.x
+8129 Use gssalloc_malloc for GSS error tokens
+8130 Fix typo in doc for krb5_get_init_creds_keytab()
+8131 Parse "ktadd -norandkey" in remote kadmin client
+8132 Report output ccache errors getting initial creds
+8133 Fix cursor leak in krb5_verify_init_creds
+8134 Remove length limit on PKINIT PKCS#12 prompt
+8135 Fix input race condition in t_skew.py
+8136 Update example enctypes in kdc_conf.rst
+8137 Fix LDAP misused policy name crash [CVE-2014-5353]
+8138 kadmind with ldap backend crashes when putting keyless entries
+ [CVE-2014-5354]
+
Major changes in 1.12.2 (2014-08-11)
------------------------------------
.\" Man page generated from reStructuredText.
.
-.TH "K5IDENTITY" "5" " " "1.12.2" "MIT Kerberos"
+.TH "K5IDENTITY" "5" " " "1.12.3" "MIT Kerberos"
.SH NAME
k5identity \- Kerberos V5 client principal selection rules
.
.\" Man page generated from reStructuredText.
.
-.TH "K5LOGIN" "5" " " "1.12.2" "MIT Kerberos"
+.TH "K5LOGIN" "5" " " "1.12.3" "MIT Kerberos"
.SH NAME
k5login \- Kerberos V5 acl file for host access
.
.\" Man page generated from reStructuredText.
.
-.TH "K5SRVUTIL" "1" " " "1.12.2" "MIT Kerberos"
+.TH "K5SRVUTIL" "1" " " "1.12.3" "MIT Kerberos"
.SH NAME
k5srvutil \- host key table (keytab) manipulation utility
.
.\" Man page generated from reStructuredText.
.
-.TH "KADM5.ACL" "5" " " "1.12.2" "MIT Kerberos"
+.TH "KADM5.ACL" "5" " " "1.12.3" "MIT Kerberos"
.SH NAME
kadm5.acl \- Kerberos ACL file
.
.\" Man page generated from reStructuredText.
.
-.TH "KADMIN" "1" " " "1.12.2" "MIT Kerberos"
+.TH "KADMIN" "1" " " "1.12.3" "MIT Kerberos"
.SH NAME
kadmin \- Kerberos V5 database administration program
.
.\" Man page generated from reStructuredText.
.
-.TH "KADMIND" "8" " " "1.12.2" "MIT Kerberos"
+.TH "KADMIND" "8" " " "1.12.3" "MIT Kerberos"
.SH NAME
kadmind \- KADM5 administration server
.
.\" Man page generated from reStructuredText.
.
-.TH "KDB5_LDAP_UTIL" "8" " " "1.12.2" "MIT Kerberos"
+.TH "KDB5_LDAP_UTIL" "8" " " "1.12.3" "MIT Kerberos"
.SH NAME
kdb5_ldap_util \- Kerberos configuration utility
.
.\" Man page generated from reStructuredText.
.
-.TH "KDB5_UTIL" "8" " " "1.12.2" "MIT Kerberos"
+.TH "KDB5_UTIL" "8" " " "1.12.3" "MIT Kerberos"
.SH NAME
kdb5_util \- Kerberos database maintenance utility
.
.\" Man page generated from reStructuredText.
.
-.TH "KDC.CONF" "5" " " "1.12.2" "MIT Kerberos"
+.TH "KDC.CONF" "5" " " "1.12.3" "MIT Kerberos"
.SH NAME
kdc.conf \- Kerberos V5 KDC configuration file
.
.\" Man page generated from reStructuredText.
.
-.TH "KDESTROY" "1" " " "1.12.2" "MIT Kerberos"
+.TH "KDESTROY" "1" " " "1.12.3" "MIT Kerberos"
.SH NAME
kdestroy \- destroy Kerberos tickets
.
.\" Man page generated from reStructuredText.
.
-.TH "KINIT" "1" " " "1.12.2" "MIT Kerberos"
+.TH "KINIT" "1" " " "1.12.3" "MIT Kerberos"
.SH NAME
kinit \- obtain and cache Kerberos ticket-granting ticket
.
.\" Man page generated from reStructuredText.
.
-.TH "KLIST" "1" " " "1.12.2" "MIT Kerberos"
+.TH "KLIST" "1" " " "1.12.3" "MIT Kerberos"
.SH NAME
klist \- list cached Kerberos tickets
.
.\" Man page generated from reStructuredText.
.
-.TH "KPASSWD" "1" " " "1.12.2" "MIT Kerberos"
+.TH "KPASSWD" "1" " " "1.12.3" "MIT Kerberos"
.SH NAME
kpasswd \- change a user's Kerberos password
.
.\" Man page generated from reStructuredText.
.
-.TH "KPROP" "8" " " "1.12.2" "MIT Kerberos"
+.TH "KPROP" "8" " " "1.12.3" "MIT Kerberos"
.SH NAME
kprop \- propagate a Kerberos V5 principal database to a slave server
.
.\" Man page generated from reStructuredText.
.
-.TH "KPROPD" "8" " " "1.12.2" "MIT Kerberos"
+.TH "KPROPD" "8" " " "1.12.3" "MIT Kerberos"
.SH NAME
kpropd \- Kerberos V5 slave KDC update server
.
.\" Man page generated from reStructuredText.
.
-.TH "KPROPLOG" "8" " " "1.12.2" "MIT Kerberos"
+.TH "KPROPLOG" "8" " " "1.12.3" "MIT Kerberos"
.SH NAME
kproplog \- display the contents of the Kerberos principal update log
.
.\" Man page generated from reStructuredText.
.
-.TH "KRB5-CONFIG" "1" " " "1.12.2" "MIT Kerberos"
+.TH "KRB5-CONFIG" "1" " " "1.12.3" "MIT Kerberos"
.SH NAME
krb5-config \- tool for linking against MIT Kerberos libraries
.
.\" Man page generated from reStructuredText.
.
-.TH "KRB5.CONF" "5" " " "1.12.2" "MIT Kerberos"
+.TH "KRB5.CONF" "5" " " "1.12.3" "MIT Kerberos"
.SH NAME
krb5.conf \- Kerberos configuration file
.
.\" Man page generated from reStructuredText.
.
-.TH "KRB5KDC" "8" " " "1.12.2" "MIT Kerberos"
+.TH "KRB5KDC" "8" " " "1.12.3" "MIT Kerberos"
.SH NAME
krb5kdc \- Kerberos V5 KDC
.
.\" Man page generated from reStructuredText.
.
-.TH "KSU" "1" " " "1.12.2" "MIT Kerberos"
+.TH "KSU" "1" " " "1.12.3" "MIT Kerberos"
.SH NAME
ksu \- Kerberized super-user
.
.\" Man page generated from reStructuredText.
.
-.TH "KSWITCH" "1" " " "1.12.2" "MIT Kerberos"
+.TH "KSWITCH" "1" " " "1.12.3" "MIT Kerberos"
.SH NAME
kswitch \- switch primary ticket cache
.
.\" Man page generated from reStructuredText.
.
-.TH "KTUTIL" "1" " " "1.12.2" "MIT Kerberos"
+.TH "KTUTIL" "1" " " "1.12.3" "MIT Kerberos"
.SH NAME
ktutil \- Kerberos keytab file maintenance utility
.
.\" Man page generated from reStructuredText.
.
-.TH "KVNO" "1" " " "1.12.2" "MIT Kerberos"
+.TH "KVNO" "1" " " "1.12.3" "MIT Kerberos"
.SH NAME
kvno \- print key version numbers of Kerberos principals
.
.\" Man page generated from reStructuredText.
.
-.TH "SCLIENT" "1" " " "1.12.2" "MIT Kerberos"
+.TH "SCLIENT" "1" " " "1.12.3" "MIT Kerberos"
.SH NAME
sclient \- sample Kerberos version 5 client
.
.\" Man page generated from reStructuredText.
.
-.TH "SSERVER" "8" " " "1.12.2" "MIT Kerberos"
+.TH "SSERVER" "8" " " "1.12.3" "MIT Kerberos"
.SH NAME
sserver \- sample Kerberos version 5 server
.
*/
#define KRB5_MAJOR_RELEASE 1
#define KRB5_MINOR_RELEASE 12
-#define KRB5_PATCHLEVEL 2
-#define KRB5_RELTAIL "postrelease"
+#define KRB5_PATCHLEVEL 3
+/* #undef KRB5_RELTAIL */
/* #undef KRB5_RELDATE */
-#define KRB5_RELTAG "krb5-1.12"
+#define KRB5_RELTAG "krb5-1.12.3-final"
#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: mit-krb5 1.12.2-postrelease\n"
+"Project-Id-Version: mit-krb5 1.12.3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2015-02-17 16:20-0500\n"
+"POT-Creation-Date: 2015-02-18 16:25-0500\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
projects / thirdparty / krb5.git / commitdiff
