Lines Matching +full:key +full:- +full:release
1 Release Notes - Heimdal - Version Heimdal 1.5.2
4 - CVE-2011-4862 Buffer overflow in libtelnet/encrypt.c in telnetd - escalation of privilege
5 - Check that key types strictly match - denial of service
7 Release Notes - Heimdal - Version Heimdal 1.5.1
10 - Fix building on Solaris, requires c99
11 - Fix building on Windows
12 - Build system updates
14 Release Notes - Heimdal - Version Heimdal 1.5
18 - Support GSS name extensions/attributes
19 - SHA512 support
20 - No Kerberos 4 support
21 - Basic support for MIT Admin protocol (SECGSS flavor)
23 - Replace editline with libedit
25 Release Notes - Heimdal - Version Heimdal 1.4
29 - Support for reading MIT database file directly
30 - KCM is polished up and now used in production
31 - NTLM first class citizen, credentials stored in KCM
32 - Table driven ASN.1 compiler, smaller!, not enabled by default
33 - Native Windows client support
37 - Disabled write support NDBM hdb backend (read still in there) since
41 Release Notes - Heimdal - Version Heimdal 1.3.3
44 - Check the GSS-API checksum exists before trying to use it [CVE-2010-1321]
45 - Check NULL pointers before dereference them [kdc]
47 Release Notes - Heimdal - Version Heimdal 1.3.2
51 - Don't mix length when clearing hmac (could memset too much)
52 - More paranoid underrun checking when decrypting packets
53 - Check the password change requests and refuse to answer empty packets
54 - Build on OpenSolaris
55 - Renumber AD-SIGNED-TICKET since it was stolen from US
56 - Don't cache /dev/*random file descriptor, it doesn't get unloaded
57 - Make C++ safe
58 - Misc warnings
60 Release Notes - Heimdal - Version Heimdal 1.3.1
64 - Store KDC offset in credentials
65 - Many many more bug fixes
67 Release Notes - Heimdal - Version Heimdal 1.3.1
71 - Make work with OpenLDAPs krb5 overlay
73 Release Notes - Heimdal - Version Heimdal 1.3
77 - Partial support for MIT kadmind rpc protocol in kadmind
78 - Better support for finding keytab entries when using SPN aliases in the KDC
79 - Support BER in ASN.1 library (needed for CMS)
80 - Support decryption in Keychain private keys
81 - Support for new sqlite based credential cache
82 - Try both KDC referals and the common DNS reverse lookup in GSS-API
83 - Fix the KCM to not leak resources on failure
84 - Add IPv6 support to iprop
85 - Support localization of error strings in
87 - Remove Kerberos 4 support in application (still in KDC)
88 - Deprecate DES
89 - Support i18n password in windows domains (using UTF-8)
90 - More complete API emulation of OpenSSL in hcrypto
91 - Support for ECDSA and ECDH when linking with OpenSSL
95 - Support for settin friendly name on credential caches
96 - Move to using doxygen to generate documentation.
97 - Sprinkling __attribute__((depricated)) for old function to be removed
98 - Support to export LAST-REQUST information in AS-REQ
99 - Support for client deferrals in in AS-REQ
100 - Add seek support for krb5_storage.
101 - Support for split AS-REQ, first step for IA-KERB
102 - Fix many memory leaks and bugs
103 - Improved regression test
104 - Support krb5_cccol
105 - Switch to krb5_set_error_message
106 - Support krb5_crypto_*_iov
107 - Switch to use EVP for most function
108 - Use SOCK_CLOEXEC and O_CLOEXEC (close on exec)
109 - Add support for GSS_C_DELEG_POLICY_FLAG
110 - Add krb5_cc_[gs]et_config to store data in the credential caches
111 - PTY testing application
114 - Make building on AIX6 possible.
115 - Bugfixes in LDAP KDC code to make it more stable
116 - Make ipropd-slave reconnect when master down gown
119 Release Notes - Heimdal - Version Heimdal 1.2.1
123 [HEIMDAL-147] - Heimdal 1.2 not compiling on Solaris
124 [HEIMDAL-151] - Make canned tests work again after cert expired
125 [HEIMDAL-152] - iprop test: use full hostname to avoid realm
127 [HEIMDAL-153] - ftp: Use the correct length for unmap, msync
129 Release Notes - Heimdal - Version Heimdal 1.2
133 [HEIMDAL-10] - Follow-up on bug report for SEGFAULT in
135 [HEIMDAL-15] - Re: [Heimdal-bugs] potential bug in Heimdal 1.1
136 [HEIMDAL-17] - Remove support for depricated [libdefaults]capath
137 [HEIMDAL-52] - hdb overwrite aliases for db databases
138 [HEIMDAL-54] - Two issues which affect credentials delegation
139 [HEIMDAL-58] - sockbuf.c calls setsockopt with bad args
140 [HEIMDAL-62] - Fix printing of sig_atomic_t
141 [HEIMDAL-87] - heimdal 1.1 not building under cygwin in hcrypto
142 [HEIMDAL-105] - rcp: sync rcp with upstream bsd rcp codebase
143 [HEIMDAL-117] - Use libtool to detect symbol versioning (Debian Bug#453241)
146 [HEIMDAL-67] - Fix locking and store credential in atomic writes
148 [HEIMDAL-106] - make compile on cygwin again
149 [HEIMDAL-107] - Replace old random key generation in des module
151 [HEIMDAL-115] - Better documentation and compatibility in hcrypto
155 [HEIMDAL-3] - pkinit alg agility PRF test vectors
156 [HEIMDAL-14] - Add libwind to Heimdal
157 [HEIMDAL-16] - Use libwind in hx509
158 [HEIMDAL-55] - Add flag to krb5 to not add GSS-API INT|CONF to
160 [HEIMDAL-74] - Add support to report extended error message back
161 in AS-REQ to support windows clients
162 [HEIMDAL-116] - test pty based application (using rkpty)
163 [HEIMDAL-120] - Use new OpenLDAP API (older deprecated)
166 [HEIMDAL-63] - Dont try key usage KRB5_KU_AP_REQ_AUTH for TGS-REQ.
168 [HEIMDAL-64] - kcm: first implementation of kcm-move-cache
169 [HEIMDAL-65] - Failed to compile with --disable-pk-init
170 [HEIMDAL-80] - verify that [VU#162289]: gcc silently discards some
173 Changes in release 1.1
175 * Read-only PKCS11 provider built-in to hx509.
179 * Better compatibilty with Windows 2008 Server pre-releases and Vista.
183 * Provide pkg-config file for Heimdal (heimdal-gssapi.pc).
187 Changes in release 1.0.2
193 Changes in release 1.0.1
209 Changes in release 1.0
213 * Make session key for the krbtgt be selected by the best encryption
216 * Better interoperability with other PK-INIT implementations.
231 Changes in release 0.8.1
234 make it inter-operate with MIT Kerberos again.
236 * Make GSS-API library work again when using gss_acquire_cred
244 Changes in release 0.8
246 * PK-INIT support.
248 * HDB extensions support, used by PK-INIT.
252 * GSS-API mechglue from FreeBSD.
262 * Updated the built-in crypto library with bignum support using
266 operation in the KDC, currently supports: CHAP, MS-CHAP-V2, SASL
267 DIGEST-MD5 NTLMv1 and NTLMv2.
271 PK-INIT requests.
284 Changes in release 0.7.2
290 in a NULL de-reference before the user logged in, resulting in inetd
297 * Fix receiving end of token delegation for GSS-API. It still wrongly
306 Changes in release 0.7.1
310 Changes in release 0.7
324 Changes in release 0.6.6
330 in a NULL de-reference before the user logged in, resulting in inetd
333 Changes in release 0.6.5
339 Changes in release 0.6.4
350 Changes in release 0.6.3
363 Changes in release 0.6.2
367 Changes in release 0.6.1
379 Changes in release 0.6
381 * The DES3 GSS-API mechanism has been changed to inter-operate with
383 on generation of correct MIC messages. Next major release of heimdal
386 * More complete GSS-API support
395 Changes in release 0.5.2
397 * kdc: add option for disabling v4 cross-realm (defaults to off)
401 Changes in release 0.5.1
409 * telnet: use the session key if there is no subkey
415 Changes in release 0.5
417 * add --detach option to kdc
429 * more system-specific requirements in login
441 Changes in release 0.4e
455 Changes in release 0.4d
463 * rsh: clean-up and add man page
465 * fix -A and -a in builtin-ls in tpd
473 Changes in release 0.4c
487 Changes in release 0.4b
491 Changes in release 0.4a
493 * corrected key used for checksum in mk_safe, unfortunately this
498 * re-write dns/config lookups (krb5_krbhst API)
512 Changes in release 0.3f
523 * add kadmin -K, rcp -F
537 Changes in release 0.3e
550 * fixes in parsing of options to kadmin (sub-)commands
556 Changes in release 0.3d
558 * add krb5-config
560 * fix a bug in 3des gss-api mechanism, making it compatible with the
568 * lib/krb5, kdc: use correct usage type for ap-req messages. This
580 Changes in release 0.3c
590 Changes in release 0.3b
592 * kdc: prefer default-salted keys on v5 requests
602 Changes in release 0.3a:
604 * implement arcfour-hmac-md5 to interoperate with W2K
606 * modularise the handling of the master key, and allow for other
608 some other source without having to re-encrypt all keys.
620 * implement more DCE/DFS support, enabled with --enable-dce, see
627 Changes in release 0.2t:
631 Changes in release 0.2s:
645 Changes in release 0.2r:
649 * `add --key' and `cpw --key' in kadmin
655 * make v4 -> v5 principal name conversion more robust
659 * new man-pages
666 * make the code happier with 64-bit time_t
668 * follow RFC2782 and by default do not look for non-underscore SRV names
670 Changes in release 0.2q:
672 * bug fix in tcp-handling in kdc
676 Changes in release 0.2p:
682 Changes in release 0.2o:
686 * new option --addresses to kdc (for listening on an explicit set of
693 Changes in release 0.2n:
697 8601 format (Y-M-DTH:M:S)
698 * changed md4/md5/sha1 APIes to be de-facto `standard'
699 * always make hostname into lower-case before creating principal
700 * small bits of more MIT-compatability
703 Changes in release 0.2m:
711 Changes in release 0.2l:
715 Changes in release 0.2k:
730 Changes in release 0.2j:
738 * work around broken IPv6-code on OpenBSD 2.6, also add configure
739 option --disable-ipv6
741 Changes in release 0.2i:
751 Changes in release 0.2h:
755 Changes in release 0.2g:
761 * works better with non-roken getaddrinfo
765 Changes in release 0.2f:
768 * look for both _kerberos and krb5-realm when doing host -> realm mapping
770 Changes in release 0.2e:
772 * changed copyright notices to remove `advertising'-clause.
776 * do pre-auth for both password and key-based get_in_tkt
783 Changes in release 0.2d:
791 Changes in release 0.2c:
795 Changes in release 0.2b:
800 Changes in release 0.2a:
813 * v6-ify the remaining programs.
816 * add `ank --random-password' and `cpw --random-password' in kadmin
820 Changes in release 0.1m:
824 * v6-ify hprop and hpropd
827 * make rsh/rshd IPv6-aware
830 * handle systems with v6-aware libc and non-v6 kernels (like Linux
835 Changes in release 0.1l:
837 * make ftp and ftpd IPv6-aware
839 * more IPv6-awareness
842 Changes in release 0.1k:
848 Changes in release 0.1j:
851 in 0.1h and 0.1i but I did a CVS screw-up.
854 Changes in release 0.1i:
861 required patch to the Linux kernel -- ask within)
864 Changes in release 0.1h:
874 Changes in release 0.1g:
878 * krb5-aware kx
881 Changes in release 0.1f;
886 Changes in release 0.1e:
892 * new flag --enable-kaserver for kdc
897 * should build with --without-krb4
900 Changes in release 0.1d:
902 * Support building with DB2 (uses 1.85-compat API)
903 * Support krb5-realm.DOMAIN in DNS
908 Changes in release 0.1c:
916 Changes in release 0.1b:
918 * some old -> new crypto conversion utils
921 Changes in release 0.1a:
927 * IPv6-bug fixes
929 Changes in release 0.0u:
933 Changes in release 0.0t:
939 Changes in release 0.0s:
946 Changes in release 0.0r:
951 Changes in release 0.0q:
956 Changes in release 0.0p:
960 * Lots of more functionality in the gssapi-library
961 * hprop can now read ka-server databases
964 Changes in release 0.0o:
969 Changes in release 0.0n: