krb5-devel-1.21.3-2.fc39$>V~<|Ĺn>> - 1.21.3-2Julien Rische - 1.21.3-1Julien Rische - 1.21.2-4Julien Rische - 1.21.2-3Julien Rische - 1.21.2-2Julien Rische - 1.21.2-1Fedora Release Engineering - 1.21-3Marek Blaha - 1.21-2Julien Rische - 1.21-1Julien Rische - 1.20.1-9Julien Rische - 1.20.1-8Fedora Release Engineering - 1.20.1-7Julien Rische - 1.20.1-6Julien Rische - 1.20.1-5Julien Rische - 1.20.1-4Julien Rische - 1.20.1-3Alexander Bokovoy - 1.20.1-2Julien Rische - 1.20.1-1Julien Rische - 1.19.2-13- libkrad: implement support for Message-Authenticator (CVE-2024-3596) Resolves: rhbz#2304071 - Fix various issues detected by static analysis Resolves: rhbz#2322704 - Remove RSA protocol for PKINIT Resolves: rhbz#2322706 - Make TCP waiting time configurable Resolves: rhbz#2322711- New upstream version (1.21.3) - CVE-2024-26458: Memory leak in src/lib/rpc/pmap_rmt.c Resolves: rhbz#2266732 - CVE-2024-26461: Memory leak in src/lib/gssapi/krb5/k5sealv3.c Resolves: rhbz#2266741 - CVE-2024-26462: Memory leak in src/kdc/ndr.c Resolves: rhbz#2266743 - Add missing SPDX license identifiers Resolves: rhbz#2265333- CVE-2024-37370 CVE-2024-37371: GSS message token handling Resolves: rhbz#2294678 rhbz#2294680 - Fix double free in klist's show_ccache() Resolves: rhbz#2257301 - Do not include files with "~" termination in krb5-tests- Fix double free in klist's show_ccache() Resolves: rhbz#2257301 - Store krb5-tests files in architecture-specific directories Resolves: rhbz#2244601- Use SPDX expression for license tag - Fix unimportant memory leaks Resolves: rhbz#2223274- New upstream version (1.21.2) - Fix double-free in KDC TGS processing (CVE-2023-39975) Resolves: rhbz#2229113 - Make tests compatible with Python 3.12 Resolves: rhbz#2224013- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild- Replace file dependency with package name Resolves: rhbz#2216903- New upstream version (1.21) - Do not disable PKINIT if some of the well-known DH groups are unavailable Resolves: rhbz#2214297 - Make PKINIT CMS SHA-1 signature verification available in FIPS mode Resolves: rhbz#2214300 - Allow to set PAC ticket signature as optional Resolves: rhbz#2181311 - Add support for MS-PAC extended KDC signature (CVE-2022-37967) Resolves: rhbz#2166001 - Fix syntax error in aclocal.m4 Resolves: rhbz#2143306- Add support for MS-PAC extended KDC signature (CVE-2022-37967) Resolves: rhbz#2166001- Bypass FIPS restrictions to use KRB5KDF in case AES SHA-1 HMAC is enabled - Lazily load MD4/5 from OpenSSL if using RADIUS or RC4 enctype in FIPS mode- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild- Set aes256-cts-hmac-sha384-192 as EXAMLE.COM master key in kdc.conf - Add AES SHA-2 HMAC family as EXAMPLE.COM supported etypes in kdc.conf Resolves: rhbz#2114771- Strip debugging data from ksu executable file- Include missing OpenSSL FIPS header - Make tests compatible with sssd_krb5_locator_plugin.so- Enable TMT integration with Fedora CI- Bump KDB ABI version provide to 9.0- New upstream version (1.20.1) Resolves: rhbz#2124463 - Restore "supportedCMSTypes" attribute in PKINIT preauth requests - Set SHA-512 or SHA-256 with RSA as preferred CMS signature algorithms Resolves: rhbz#2114766 - Update error checking for OpenSSL CMS_verify Resolves: rhbz#2119704 - Remove invalid password expiry warning Resolves: rhbz#2129113- Fix integer overflows in PAC parsing (CVE-2022-42898) Resolves: rhbz#2143011  !"#$%&'()*+,-./0123456789:;<=>?@A1.21.3-2.fc391.21.3-2.fc399.01.21.31.21.31.21.31.21.31.21.31.21.31.21.31.21.3krb5-configgssapigssapi.hgssapi.hgssapi_alloc.hgssapi_ext.hgssapi_generic.hgssapi_krb5.hmechglue.hgssrpcauth.hauth_gss.hauth_gssapi.hauth_unix.hclnt.hnetdb.hpmap_clnt.hpmap_prot.hpmap_rmt.hrename.hrpc.hrpc_msg.hsvc.hsvc_auth.htypes.hxdr.hkadm5admin.hchpass_util_strings.hkadm_err.hkdb.hkrad.hkrb5krb5.hccselect_plugin.hcertauth_plugin.hclpreauth_plugin.hhostrealm_plugin.hkadm5_auth_plugin.hkadm5_hook_plugin.hkdcpolicy_plugin.hkdcpreauth_plugin.hkrb5.hlocalauth_plugin.hlocate_plugin.hplugin.hpreauth_plugin.hpwqual_plugin.hprofile.hlibgssapi_krb5.solibgssrpc.solibk5crypto.solibkdb5.solibkrad.solibkrb5.solibkrb5support.sogssrpc.pckadm-client.pckadm-server.pckdb.pckrb5-gssapi.pckrb5.pcmit-krb5-gssapi.pcmit-krb5.pckrb5-config.1.gz/usr/bin//usr/include//usr/include/gssapi//usr/include/gssrpc//usr/include/kadm5//usr/include/krb5//usr/lib64//usr/lib64/pkgconfig//usr/share/man/man1/-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointerdrpmzstd19x86_64-redhat-linux-gnua /usr/bin/sh script, ASCII text executabledirectorypkgconfig filetroff or preprocessor input, ASCII text, with very long lines (302) (gzip compressed data, max compression, from Unix) !RRRRR R R R PRRPRRRPRRRPRRRRPRRPRRP RRP Rhttps://bugz.fedoraproject.org/krb5utf-8079c9ace872f19e46cfdc1e32fa4dcb1c17f2998f4e54bc059f1f97e56c5f970774153d5f604a9159b7b95f43a3cc01e7f9cb5c1305912f39a9e818536305f80? (/h%J}M8 fJ :{w~P 1IIs?+Rnڔ*ȑh[ܸXO,OS <4n?%Uq'wxT#Ϧ*YXorUJT^:j ^ɂl[)l?W&EL$2IrsT{q/+Yӱb4ϣ'簻ks.)cʇ "}˜ȈN&j޸/Yx$:mVfԑ*3m}>jkJOU&~j.(ɫ_Qp"eR}o:er<&[{9O395Vډ:MTcωzw&bϥq-Z4U噬$띐o\/ΡŶ.uU]eVߥEDkSLI1F꼾&̦`dnFpN\ؘExkٗ+k!f3hyBRS{mۭL1fOJfWfN?:Ƈx\ޔzBhѿ.͓SWJ&L~+luWymJ;Q]X6l=V&ȩ{uiL\Y+leL)N~2ʚv1!ədNIh2r"/tYPIM* #Vi Op ~'d[ '_v$W'GiR𖙃6*HDr9r` P-$d J`yT @C(ȸD `:PD DvAJp8F TX@E8H@Rp`;'Q(e I.:A) !JA?ҨFHF6mxRÄ'}``J ,5Tq-" E*pر%8đH$2Ta ȂAha^2qFLB:1?9@AG`,(b<(E'&gBE {x!.ЀHh |0v!B1Luf2ٵ2{lc弑ejdO[G4߬Nn.O`dC˭>I1/{ 96yN{gnΞf)OwMip/>Ifݪ ݛR&[ Uaflajv22HX5=mBVWjן/TGLJg5T)OĠɱNh'L\^i[nuf$Q)lA[I[IrJ5[Du/Va2L+]L<^I1V&ԍ?+ճrc[͵s_/)sJMlBKǍ'91KKdn~2mv͊uew9D&߳jyIL N֘]CݘmvڐNctRƟ:Mo-^ey&ZĸWۗYy9e\7mr6SϹ:Z}5:OuXK2OһL&;韰N4''yʪ &InYuROΤ}iRH8g^.GX;/e<b&h4IJNQL'LL&oo6sxiTs|Cw,]Jyc1)$'^ivVJ)Z3;=~:]eɕU=,S\Z1T5<9M'M|wJ]ͤlI6;՚f&{MT SgI>vi:U0=jm5QiG31tΡS-LJa,6Ceے'Nt' ɤS,.N&^mdg'뜥n>5|j-ζ}qi<{s͙43&܊zQ_e-&uR,TtkLcS2e~zUL<'1hz8~]C3򾳴[xI?Jw'tgô'm2^<<9*}491<,5:mS?ؤVN`i=:1eӃd#ikPU圔W1yO紳LZ]aѲ;҇`":fQV]Z2&37ʤ0O'jdm3{E.tJJ4auxJ,z|.gc2n.ڍ3WDjFk0Y:t'9$=}'v}l&Y3{~fZݒtg,jL8)nerSc~}Li2AszbUXFRs7j&j4 cYu?ź?$I+Y|ShdyR+y{KOԐ:| NR'wo~BG# `HG@p0Ua0 05Ї hB0d$=@1' 6%p1 q$ N>@aX!o%I0B$ _K@NhVV@P dh}B " DA !$ vplqF"i%d0.Jxc90Z8bYQr$ 1F1F@G @0H"YDf 3 A aL HPHIat $8& +(MxcAlԑQ`Bz87X'@22p#)p 5 h܁k,F`S"DġHIIy|0޸+({,AB!@(J&%%~@.q@d< (Ig1c#`i\ 1 d ,0`EIX4%H7QW0bUb%H %n|6J1CXIؑ LȰ YXQ"G}c64^u<5wr\'{|d4iQlکc<7K?Kca:uNjb֤L&}n6gcM)6cY;iͤ)qr8)xKKl ',Os&f'iit2=r243w&7C+ߥhr )S_GnN(7J9jP_呩Sfj9s]_S9]Nq*{8)gsН Qgj|Bl0wB~)Q)!>s+Ro;rSytg&Ԏk4W~22ǜz2M-ٸq>1%Ɠ6;^(v+go4yD˷n+x&4i5lIM+l:zO)>&}pv9$e5V옭Sߓ봘>)c%KY:jnn2,1T4ILh}|r%S/YT!?;xT"}ĬhZUyM2yZ˛K3k# guRaa "BQ$25p c\R:3I Dlw:U'@ތ'P68X/?@U"y;|hgCkh [2:3ܕ ̌C\ʝ><ߓ^"7Q, [0s# NQPlJBMk‘2"&\|/V֓['Zm_8H&h[S+]5\#ٮͲÇs| $\fkw$‘k2c1I[7 {ƥ i*ٝ3GyaB;M㼌vvR[?Os:D4) @+FH7\ 8c6]z]-ѽ^?Vs><HTt4!5f^>iDffi9  G 5%Zu7щDsUek;mC/h[̑6lm?/oy%qDgzs679YЛ'YJgGv2po~plR]ʐ%ý\F'C{) +GDajQ.3P;R+A, FG.&.]ym/Hԃ8x