-
Fri Nov 18 2022 EL Errata <el-errata_ww@oracle.com> - 1.19.1-23.0.1
- Fixed race condition in krb5_set_password() [Orabug: 33609767]
-
Tue Oct 18 2022 Julien Rische <jrische@redhat.com> - 1.19.1-23
- Fix kprop for propagating dump files larger than 4GB
- Resolves: rhbz#2133014
-
Fri Jul 08 2022 Julien Rische <jrische@redhat.com> - 1.19.1-22
- Restore "supportedCMSTypes" attribute in PKINIT preauth requests
- Set SHA-512 or SHA-256 with RSA as preferred CMS signature algorithms
- Resolves: rhbz#2068935
-
Thu Jun 23 2022 Julien Rische <jrische@redhat.com> - 1.19.1-21
- Fix libkrad client cleanup
- Allow use of larger RADIUS attributes in krad library
- Resolves: rhbz#2100351
-
Thu May 12 2022 Julien Rische <jrische@redhat.com> - 1.19.1-20
- Fix OpenSSL 3 MD5 encyption in FIPS mode
- Allow libkrad UDP/TCP connection to localhost in FIPS mode
- Resolves: rhbz#2068458
-
Mon May 02 2022 Julien Rische <jrische@redhat.com> - 1.19.1-19
- Use p11-kit as default PKCS11 module
- Resolves: rhbz#2030981
-
Tue Apr 26 2022 Julien Rische <jrische@redhat.com> - 1.19.1-18
- Try harder to avoid password change replay errors
- Resolves: rhbz#2075186
-
Mon Mar 14 2022 Julien Rische <jrische@redhat.com> - 1.19.1-15
- Use SHA-256 instead of SHA-1 for PKINIT CMS digest
-
Thu Feb 24 2022 Julien Rische <jrische@redhat.com> - 1.19.1-14
- Bypass FIPS restrictions to use KRB5KDF in case AES SHA-1 HMAC is enabled
- Lazily load MD4/5 from OpenSSL if using RADIUS or RC4 enctype in FIPS mode
-
Fri Dec 17 2021 Antonio Torres <antorres@redhat.com> - 1.19.1-13
- Remove -specs= from krb5-config output
- Resolves #1997021