freebsd-ports/security/krb5-118
Cy Schubert 2598c4eafc security/krb5-118: Update to 1.18.4
The announcement as follows:

The MIT Kerberos Team announces the availability of MIT Kerberos 5
Releases 1.19.2 and 1.18.4.  Please see below for a list of some major
changes included, or consult the README file in the source tree for a
more detailed list of significant changes.

Retrieving krb5-1.19.2 and krb5-1.18.4
======================================

You may retrieve the krb5-1.19.2 and krb5-1.18.4 sources from the
following URL:

        https://kerberos.org/dist/

The homepage for the krb5-1.19.2 and krb5-1.18.4 releases are:

        https://web.mit.edu/kerberos/krb5-1.19/
        https://web.mit.edu/kerberos/krb5-1.18/

Further information about Kerberos 5 may be found at the following
URL:

        https://web.mit.edu/kerberos/

Triple-DES transition
=====================

Beginning with the krb5-1.19 release, a warning will be issued if
initial credentials are acquired using the des3-cbc-sha1 encryption
type.  In future releases, this encryption type will be disabled by
default and eventually removed.

Beginning with the krb5-1.18 release, single-DES encryption types have
been removed.

Major changes in 1.19.2 and 1.18.4 (2021-07-22)
===============================================

These are bug fix releases.

* Fix a denial of service attack against the KDC encrypted challenge
  code [CVE-2021-36222].

* Fix a memory leak when gss_inquire_cred() is called without a
  credential handle.

MFH:		2021Q3
Security:	CVE-2021-36222
2021-07-26 12:55:38 -07:00
..
files
distinfo security/krb5-118: Update to 1.18.4 2021-07-26 12:55:38 -07:00
Makefile security/krb5-118: Update to 1.18.4 2021-07-26 12:55:38 -07:00
pkg-descr
pkg-plist