[Heimdal-source-changes] [heimdal/heimdal] d5dd5a: Update NEWS for Heimdal 7.2

GitHub noreply at github.com
Fri Apr 14 01:07:03 CEST 2017


  Branch: refs/heads/master
  Home:   https://github.com/heimdal/heimdal
  Commit: d5dd5aab19f16218271adb616de6bb6118a529b3
      https://github.com/heimdal/heimdal/commit/d5dd5aab19f16218271adb616de6bb6118a529b3
  Author: Viktor Dukhovni <viktor at twosigma.com>
  Date:   2017-04-13 (Thu, 13 Apr 2017)

  Changed paths:
    M NEWS

  Log Message:
  -----------
  Update NEWS for Heimdal 7.2


  Commit: b1e699103f08d6a0ca46a122193c9da65f6cf837
      https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837
  Author: Viktor Dukhovni <viktor at twosigma.com>
  Date:   2017-04-13 (Thu, 13 Apr 2017)

  Changed paths:
    M NEWS
    M kdc/krb5tgs.c
    M tests/kdc/check-kdc.in
    M tests/kdc/krb5.conf.in

  Log Message:
  -----------
  Fix transit path validation CVE-2017-6594

Commit f469fc6 (2010-10-02) inadvertently caused the previous hop realm
to not be added to the transit path of issued tickets.  This may, in
some cases, enable bypass of capath policy in Heimdal versions 1.5
through 7.2.

Note, this may break sites that rely on the bug.  With the bug some
incomplete [capaths] worked, that should not have.  These may now break
authentication in some cross-realm configurations.


Compare: https://github.com/heimdal/heimdal/compare/f867a12aa9ce...b1e699103f08
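
The effect described in the CVE-2017-6594 log message, as an added example that is not part of the commit or of Heimdal's code: a simplified model in which each KDC either records or drops the previous hop realm, followed by a capath-style policy check. The realm names, both policy tables and all function names are assumptions made for illustration.

```python
# Simplified model of cross-realm transit checking; not Heimdal's code.
# Realm names and both policy tables below are constructed for illustration.
CLIENT, SERVER = "CLIENT.EXAMPLE", "SERVER.EXAMPLE"
VIA_HUB = [CLIENT, "HUB.EXAMPLE", SERVER]
VIA_UNLISTED = [CLIENT, "UNLISTED.EXAMPLE", SERVER]

# policy[client_realm][server_realm] = realms approved as intermediate hops
STRICT = {CLIENT: {SERVER: {"HUB.EXAMPLE"}}}
INCOMPLETE = {CLIENT: {SERVER: set()}}  # the hub was never listed


def next_ticket(ticket, kdc_realm, record_previous_hop):
    """Ticket a KDC in kdc_realm issues when presented with `ticket`."""
    prev = ticket["issued_by"]
    transited = set(ticket["transited"])
    # The previous hop belongs in the transit path unless it is the
    # client's own realm or this KDC's realm (a local TGT).
    if record_previous_hop and prev not in (ticket["client_realm"], kdc_realm):
        transited.add(prev)
    return {"client_realm": ticket["client_realm"],
            "issued_by": kdc_realm,
            "transited": transited}


def final_transit_path(path, record_previous_hop):
    """Walk client realm -> intermediates -> server realm; return transited set."""
    ticket = {"client_realm": path[0], "issued_by": path[0], "transited": set()}
    for realm in path[1:]:
        ticket = next_ticket(ticket, realm, record_previous_hop)
    return ticket["transited"]


def capath_allows(policy, path, transited):
    """True if every transited realm is an approved hop for this realm pair."""
    approved = policy.get(path[0], {}).get(path[-1], set())
    return transited <= approved


def outcome(policy, path, record_previous_hop):
    """Would the request over `path` pass the policy check?"""
    transited = final_transit_path(path, record_previous_hop)
    return capath_allows(policy, path, transited)


if __name__ == "__main__":
    for name, policy, path in (("strict/unlisted hop", STRICT, VIA_UNLISTED),
                               ("incomplete/hub hop", INCOMPLETE, VIA_HUB)):
        print(name, "hop dropped:", outcome(policy, path, False),
              "hop recorded:", outcome(policy, path, True))
```

In this model the first case corresponds to the policy bypass and the second to an incomplete [capaths] table that passes only while the hop is dropped.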

