Date:	Thu, 19 Feb 1998 16:32:57 +0000
From:	Christopher Blizzard <blizzard@APPLIEDTHEORY.COM>
Subject:      [Fwd: MIT Kerberos V5 R1.0.5 is released]
To:	BUGTRAQ@NETSPACE.ORG

This is a multi-part message in MIME format.
--------------3EA54CB021FA14B43F000AED
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

--

------------
Christopher Blizzard
AppliedTheory Communications, Inc.
http://odin.appliedtheory.com/
blizzard@appliedtheory.com
------------
--------------3EA54CB021FA14B43F000AED
Content-Type: message/rfc822
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Return-Path: <tlyu@MIT.EDU>
Received: from franklin.appliedtheory.com (franklin.appliedtheory.com [192.77.173.116])
        by odin.appliedtheory.com (8.8.7/8.8.7) with ESMTP id XAA21759
        for <blizzard@odin.appliedtheory.com>; Tue, 17 Feb 1998 23:29:50 -0500
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28])
        by franklin.appliedtheory.com (8.8.8/8.8.8) with SMTP id XAA12019
        for <blizzard@AppliedTheory.com>; Tue, 17 Feb 1998 23:30:36 -0500 (EST)
Received: from TESLA-COIL.MIT.EDU by MIT.EDU with SMTP
        id AA28454; Tue, 17 Feb 98 22:51:39 EST
Received: by tesla-coil.MIT.EDU (SMI-8.6/4.7) id WAA27390; Tue, 17 Feb 1998 22:51:10 -0500
Date: Tue, 17 Feb 1998 22:51:10 -0500
Message-Id: <199802180351.WAA27390@tesla-coil.MIT.EDU>
To: kerberos-announce@MIT.EDU, kerberos@MIT.EDU
From: Tom Yu <tlyu@MIT.EDU>
Subject: MIT Kerberos V5 R1.0.5 is released

The MIT Kerberos Team is proud to announce the availability of MIT
Kerberos V5 Release 1.0.5.  This release is a bug-fix release only;
there are no feature enhancements over the 1.0.4 release.
The following bugs were fixed:

* A buffer size problem in klogind that was causing some redisplay
problems under Irix has been fixed. [krb5-appl/527]

* v4rcp no longer explicitly refers to sys_errlist.

* Buffer overruns have been repaired in ftpd.

* ftpd now no longer has a name collision with the native log_wtmp()
function on some platforms.

* A buffer overrun in telnetd has been fixed.

* ksu no longer allows the use of an expired cached
ticket. [krb5-clients/545]

* The KDC now checks the length of incoming krb4 packets to avoid
overruns.

* The KDC actually returns a valid error packet in cases where it had
failed to in the past, which could cause coredumps.

* A logic bug in the gssapi library that caused
krb5_gss_wrap_size_limit() to return an incorrect size has been
fixed.

* The gssapi library now caches its rcache, preventing a file
descriptor leak. [krb5-libs/370]

* Memory leaks, freeing of freed memory, and failure to check the
return values of memory-allocating functions have been repaired in the
library.  [krb5-libs/518]

* The "errno" member a db internal structure has been renamed to avoid
conflicting with a macro definition of "errno" in glibc.

* The profile parser has been vastly improved to strip trailing
whitespace and provide a real quoting mechanism.

* A goof in the previous fencepost error fix to the pty library has
been fixed.

Getting Kerberos V5 1.0.5
=========================

The simplest way to get the new 1.0.5 release is via the Web.  Use the
following URL:

        http://web.mit.edu/network/kerberos-form.html

Alternatively, you may retrieve the release using FTP:

        FTP to athena-dist.mit.edu, in /pub/kerberos.  Get the file
        README.KRB5-1.0.5.  It will contain instructions on how to
        obtain the 1.0.5 release.

----------
Tom Yu
MIT Information Systems/Kerberos Development Team

--------------3EA54CB021FA14B43F000AED--