Linux @ CERN

CERN > IT > Linux

CentOS 7 - Updates for x86_64: system environment/libraries: krb5-pkinit

krb5-pkinit - The PKINIT module for Kerberos 5

Website: http://web.mit.edu/kerberos/www/
License: MIT
Vendor: CentOS
Description:
Kerberos is a network authentication system. The krb5-pkinit
package contains the PKINIT plugin, which allows clients
to obtain initial credentials from a KDC using a private key and a
certificate.

Packages

krb5-pkinit-1.15.1-37.el7_6.x86_64 [164 KiB] Changelog by Robbie Harwood (2018-12-18):
- Bring back builtin crypto (openssl broke too many FIPS setups)
- Resolves: #1657890
krb5-pkinit-1.15.1-34.el7.x86_64 [164 KiB] Changelog by Robbie Harwood (2018-08-01):
- In FIPS mode, add plaintext fallback for RC4 usages and taint
- Resolves: #1570600
krb5-pkinit-1.15.1-19.el7.x86_64 [162 KiB] Changelog by Robbie Harwood (2018-03-02):
- Limit ticket lifetime to 2^31-1 seconds
- Resolves: #1554723
krb5-pkinit-1.15.1-18.el7.x86_64 [162 KiB] Changelog by Robbie Harwood (2017-11-28):
- Expose context errors in pkinit_server_plugin_init
- Resolves: #1460089
krb5-pkinit-1.15.1-8.el7.x86_64 [160 KiB] Changelog by Robbie Harwood (2017-04-28):
- Add kprop.service argument file
- Resolves: #1389073
krb5-pkinit-1.14.1-27.el7_3.x86_64 [157 KiB] Changelog by Robbie Harwood (2016-11-02):
- Properly handle EOF on libkrad sockets
- Resolves: #1382449
krb5-pkinit-1.14.1-26.el7.x86_64 [157 KiB] Changelog by Robbie Harwood (2016-08-17):
- Use responder in non-preauth AS reqs
- Resolves: #1363690
krb5-pkinit-1.13.2-12.el7_2.x86_64 [153 KiB] Changelog by Robbie Harwood (2016-02-12):
- Fix CVE-2015-8631, CVE-2015-8630, and CVE-2015-8629
- Remove obsolete trigger to enable building of package
- Resolves: #1306969
krb5-pkinit-1.13.2-10.el7.x86_64 [153 KiB] Changelog by Robbie Harwood (2015-09-04):
- Add patch and test case for "KDC does not return proper
  client principal for client referrals"
- Resolves: #1259846
krb5-pkinit-1.12.2-15.el7_1.x86_64 [146 KiB] Changelog by Roland Mainz (2015-08-26):
- Add a patch to fix RedHat bug #1256870 ("KDC sends multiple
  requests to ipa-otpd for the same authentication") which causes
  the KDC to send multiple retries to ipa-otpd for TCP transports
  while it should only be done for UDP.

Listing created by repoview