-
Wed Oct 30 2024 Mridula Shastry <mridula.c.shastry@oracle.com> - 1.15.1-55.0.5
- Add CVE numbers to the changelog entry for version 1.15.1-55.0.3
-
Mon Aug 19 2024 Mridula Shastry <mridula.c.shastry@oracle.com> - 1.15.1-55.0.3
- Length check when parsing GSS token encapsulation [Orabug: 36927256]
- Add a simple DER support header [Orabug: 36927256]
- Fix vulnerabilities in GSS message token handling [Orabug: 36927256] (CVE-2024-37370 CVE-2024-37371)
-
Mon Nov 28 2022 Darren Archibald <darren.archibald@oracle.com> - 1.15.1-55.0.1
- Add recursion limit for ASN.1 indefinite lengths [Orabug: 32582360]
-
Tue Nov 08 2022 Julien Rische <jrische@redhat.com> - 1.15.1-55
- Fix integer overflows in PAC parsing (CVE-2022-42898)
- Resolves: rhbz#2140961
-
Wed Apr 27 2022 Julien Rische <jrische@redhat.com> - 1.15.1-54
- Try harder to avoid password change replay errors
- Resolves: #2063163
-
Thu Apr 07 2022 Julien Rische <jrische@redhat.com> - 1.15.1-53
- Backport usage of SHA-256 instead of SHA-1 for PKINIT CMS digest
- Resolves: #2066319
-
Wed Oct 20 2021 Antonio Torres <antorres@redhat.com> - 1.15.1-51
- Fix KDC null deref on TGS inner body null server (CVE-2021-37750)
- Resolves: #1997599
-
Mon Apr 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.15.1-50
- Disable smoke tests on s390x and remove sleep
- Resolves: #1782492
-
Mon Apr 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.15.1-49
- Fix LDAP policy enforcement of pw_expiration
- Resolves: #1782492
-
Mon Apr 06 2020 Robbie Harwood <rharwood@redhat.com> - 1.15.1-48
- Fix LDAP policy enforcement of pw_expiration
- Resolves: #1782492