Date: Thu, 19 Feb 1998 16:32:57 +0000
From: Christopher Blizzard <blizzard@APPLIEDTHEORY.COM>
Subject: [Fwd: MIT Kerberos V5 R1.0.5 is released]
To: BUGTRAQ@NETSPACE.ORG
This is a multi-part message in MIME format.
--------------3EA54CB021FA14B43F000AED
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
--
------------
Christopher Blizzard
AppliedTheory Communications, Inc.
http://odin.appliedtheory.com/
blizzard@appliedtheory.com
------------
--------------3EA54CB021FA14B43F000AED
Content-Type: message/rfc822
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Return-Path: <tlyu@MIT.EDU>
Received: from franklin.appliedtheory.com (franklin.appliedtheory.com [192.77.173.116])
by odin.appliedtheory.com (8.8.7/8.8.7) with ESMTP id XAA21759
for <blizzard@odin.appliedtheory.com>; Tue, 17 Feb 1998 23:29:50 -0500
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28])
by franklin.appliedtheory.com (8.8.8/8.8.8) with SMTP id XAA12019
for <blizzard@AppliedTheory.com>; Tue, 17 Feb 1998 23:30:36 -0500 (EST)
Received: from TESLA-COIL.MIT.EDU by MIT.EDU with SMTP
id AA28454; Tue, 17 Feb 98 22:51:39 EST
Received: by tesla-coil.MIT.EDU (SMI-8.6/4.7) id WAA27390; Tue, 17 Feb 1998 22:51:10 -0500
Date: Tue, 17 Feb 1998 22:51:10 -0500
Message-Id: <199802180351.WAA27390@tesla-coil.MIT.EDU>
To: kerberos-announce@MIT.EDU, kerberos@MIT.EDU
From: Tom Yu <tlyu@MIT.EDU>
Subject: MIT Kerberos V5 R1.0.5 is released
The MIT Kerberos Team is proud to announce the availability of MIT
Kerberos V5 Release 1.0.5. This release is a bug-fix release only;
there are no feature enhancements over the 1.0.4 release.
The following bugs were fixed:
* A buffer size problem in klogind that was causing some redisplay
problems under Irix has been fixed. [krb5-appl/527]
* v4rcp no longer explicitly refers to sys_errlist.
* Buffer overruns have been repaired in ftpd.
* ftpd now no longer has a name collision with the native log_wtmp()
function on some platforms.
* A buffer overrun in telnetd has been fixed.
* ksu no longer allows the use of an expired cached
ticket. [krb5-clients/545]
* The KDC now checks the length of incoming krb4 packets to avoid
overruns.
* The KDC actually returns a valid error packet in cases where it had
failed to in the past, which could cause coredumps.
* A logic bug in the gssapi library that caused
krb5_gss_wrap_size_limit() to return an incorrect size has been
fixed.
* The gssapi library now caches its rcache, preventing a file
descriptor leak. [krb5-libs/370]
* Memory leaks, freeing of freed memory, and failure to check the
return values of memory-allocating functions have been repaired in the
library. [krb5-libs/518]
* The "errno" member a db internal structure has been renamed to avoid
conflicting with a macro definition of "errno" in glibc.
* The profile parser has been vastly improved to strip trailing
whitespace and provide a real quoting mechanism.
* A goof in the previous fencepost error fix to the pty library has
been fixed.
Getting Kerberos V5 1.0.5
=========================
The simplest way to get the new 1.0.5 release is via the Web. Use the
following URL:
http://web.mit.edu/network/kerberos-form.html
Alternatively, you may retrieve the release using FTP:
FTP to athena-dist.mit.edu, in /pub/kerberos. Get the file
README.KRB5-1.0.5. It will contain instructions on how to
obtain the 1.0.5 release.
----------
Tom Yu
MIT Information Systems/Kerberos Development Team
--------------3EA54CB021FA14B43F000AED--