rpms/pam_krb5/devel .cvsignore, 1.51, 1.52 pam_krb5.spec, 1.63, 1.64 sources, 1.51, 1.52
Nalin Dahyabhai
nalin at fedoraproject.org
Wed Oct 1 19:02:15 UTC 2008
Author: nalin
Update of /cvs/pkgs/rpms/pam_krb5/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28408
Modified Files:
.cvsignore pam_krb5.spec sources
Log Message:
update to 2.3.2 to fix CVE-2008-3825 (vulnerability when "existing_ticket" is used)
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/pam_krb5/devel/.cvsignore,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -r1.51 -r1.52
--- .cvsignore 10 Mar 2008 21:40:31 -0000 1.51
+++ .cvsignore 1 Oct 2008 19:01:44 -0000 1.52
@@ -1 +1,2 @@
pam_krb5-2.3.0-1.tar.gz
+pam_krb5-2.3.1-1.tar.gz
Index: pam_krb5.spec
===================================================================
RCS file: /cvs/pkgs/rpms/pam_krb5/devel/pam_krb5.spec,v
retrieving revision 1.63
retrieving revision 1.64
diff -u -r1.63 -r1.64
--- pam_krb5.spec 27 Aug 2008 20:38:37 -0000 1.63
+++ pam_krb5.spec 1 Oct 2008 19:01:44 -0000 1.64
@@ -1,7 +1,7 @@
Summary: A Pluggable Authentication Module for Kerberos 5.
Name: pam_krb5
-Version: 2.3.0
-Release: 2%{?dist}
+Version: 2.3.2
+Release: 1%{?dist}
Source0: pam_krb5-%{version}-1.tar.gz
License: BSD or LGPLv2+
Group: System Environment/Base
@@ -32,10 +32,12 @@
# Make the paths jive to avoid conflicts on multilib systems.
sed -ri -e 's|/lib(64)?/|/\$LIB/|g' $RPM_BUILD_ROOT/%{_mandir}/man*/pam_krb5*.8*
+%find_lang %{name}
+
%clean
[ "$RPM_BUILD_ROOT" != "/" ] && rm -fr $RPM_BUILD_ROOT
-%files
+%files -f %{name}.lang
%defattr(-,root,root)
%{_bindir}/*
/%{_lib}/security/pam_krb5.so
@@ -48,9 +50,17 @@
# $Id$
%changelog
+* Wed Oct 1 2008 Nalin Dahyabhai <nalin at redhat.com> - 2.3.2-1
+- fix ccache permissions bypass when the "existing_ticket" option is used
+ (CVE-2008-3825)
+
* Wed Aug 27 2008 Tom "spot" Callaway <tcallawa at redhat.com> - 2.3.0-2
- fix license tag
+* Wed Apr 9 2008 Nalin Dahyabhai <nalin at redhat.com> - 2.3.1-1
+- don't bother trying to set up a temporary v4 ticket file during session open
+ unless we obtained v4 creds somewhere
+
* Mon Mar 10 2008 Nalin Dahyabhai <nalin at redhat.com> - 2.3.0-1
- add a "null_afs" option
- add a "token_strategy" option
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/pam_krb5/devel/sources,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -r1.51 -r1.52
--- sources 10 Mar 2008 21:40:31 -0000 1.51
+++ sources 1 Oct 2008 19:01:44 -0000 1.52
@@ -1 +1 @@
-83cdefd14a8104c7c1b8960267882912 pam_krb5-2.3.0-1.tar.gz
+f11bf537b2bc0a9b7b800969f0238ba7 pam_krb5-2.3.1-1.tar.gz
More information about the scm-commits
mailing list