Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package krb5 for openSUSE:Factory checked in
at 2023-07-17 19:22:54
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/krb5 (Old)
and /work/SRC/openSUSE:Factory/.krb5.new.3193 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "krb5"
Mon Jul 17 19:22:54 2023 rev:167 rq:1098841 version:1.21.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/krb5/krb5.changes 2023-05-05
15:57:12.688059815 +0200
+++ /work/SRC/openSUSE:Factory/.krb5.new.3193/krb5.changes 2023-07-17
19:23:05.477669606 +0200
@@ -1,0 +2,31 @@
+Sat Jul 15 18:19:32 UTC 2023 - Dirk Müller <dmuel...@suse.com>
+
+- update to 1.121.1 (CVE-2023-36054):
+ * Fix potential uninitialized pointer free in kadm5 XDR parsing
+ [CVE-2023-36054].
+ * Added a credential cache type providing compatibility with
+ the macOS 11 native credential cache.
+ * libkadm5 will use the provided krb5_context object to read
+ configuration values, instead of creating its own.
+ * Added an interface to retrieve the ticket session key
+ from a GSS context.
+ * The KDC will no longer issue tickets with RC4 or triple-DES
+ session keys unless explicitly configured with the new
+ allow_rc4 or allow_des3 variables respectively.
+ * The KDC will assume that all services can handle aes256-sha1
+ session keys unless the service principal has a
+ session_enctypes string attribute.
+ * Support for PAC full KDC checksums has been added to
+ mitigate an S4U2Proxy privilege escalation attack.
+ * The PKINIT client will advertise a more modern set
+ of supported CMS algorithms.
+ * Removed unused code in libkrb5, libkrb5support,
+ and the PKINIT module.
+ * Modernized the KDC code for processing TGS requests,
+ the code for encrypting and decrypting key data,
+ the PAC handling code, and the GSS library packet
+ parsing and composition code.
+ * Improved the test framework's detection of memory
+ errors in daemon processes when used with asan.
+
+-------------------------------------------------------------------
Old:
----
krb5-1.20.1.tar.gz
krb5-1.20.1.tar.gz.asc
New:
----
krb5-1.21.1.tar.gz
krb5-1.21.1.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ krb5-mini.spec ++++++
--- /var/tmp/diff_new_pack.bjAp8h/_old 2023-07-17 19:23:06.601676116 +0200
+++ /var/tmp/diff_new_pack.bjAp8h/_new 2023-07-17 19:23:06.605676140 +0200
@@ -24,13 +24,13 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: krb5-mini
-Version: 1.20.1
+Version: 1.21.1
Release: 0
Summary: MIT Kerberos5 implementation and libraries with minimal
dependencies
License: MIT
URL: https://kerberos.org/dist/
-Source0: https://kerberos.org/dist/krb5/1.20/krb5-%{version}.tar.gz
-Source1: https://kerberos.org/dist/krb5/1.20/krb5-%{version}.tar.gz.asc
+Source0: https://kerberos.org/dist/krb5/1.21/krb5-%{version}.tar.gz
+Source1: https://kerberos.org/dist/krb5/1.21/krb5-%{version}.tar.gz.asc
Source2: krb5.keyring
Source3: vendor-files.tar.bz2
Source4: baselibs.conf
++++++ krb5.spec ++++++
--- /var/tmp/diff_new_pack.bjAp8h/_old 2023-07-17 19:23:06.625676256 +0200
+++ /var/tmp/diff_new_pack.bjAp8h/_new 2023-07-17 19:23:06.629676278 +0200
@@ -21,13 +21,13 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: krb5
-Version: 1.20.1
+Version: 1.21.1
Release: 0
Summary: MIT Kerberos5 implementation
License: MIT
URL: https://kerberos.org/dist/
-Source0: https://kerberos.org/dist/krb5/1.20/krb5-%{version}.tar.gz
-Source1: https://kerberos.org/dist/krb5/1.20/krb5-%{version}.tar.gz.asc
+Source0: https://kerberos.org/dist/krb5/1.21/krb5-%{version}.tar.gz
+Source1: https://kerberos.org/dist/krb5/1.21/krb5-%{version}.tar.gz.asc
Source2: krb5.keyring
Source3: vendor-files.tar.bz2
Source4: baselibs.conf
++++++ krb5-1.20.1.tar.gz -> krb5-1.21.1.tar.gz ++++++
/work/SRC/openSUSE:Factory/krb5/krb5-1.20.1.tar.gz
/work/SRC/openSUSE:Factory/.krb5.new.3193/krb5-1.21.1.tar.gz differ: char 5,
line 1
