Hello community, here is the log from the commit of package krb5 for openSUSE:Factory checked in at 2018-05-10 15:43:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/krb5 (Old) and /work/SRC/openSUSE:Factory/.krb5.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "krb5" Thu May 10 15:43:54 2018 rev:135 rq:604020 version:1.15.3 Changes: -------- --- /work/SRC/openSUSE:Factory/krb5/krb5-mini.changes 2018-05-02 12:16:48.887699478 +0200 +++ /work/SRC/openSUSE:Factory/.krb5.new/krb5-mini.changes 2018-05-10 15:44:07.592860018 +0200 @@ -1,0 +2,17 @@ +Fri May 4 09:48:36 UTC 2018 - michael@stroeder.com + +- Upgrade to 1.15.3 + * Fix flaws in LDAP DN checking, including a null dereference KDC + crash which could be triggered by kadmin clients with administrative + privileges [CVE-2018-5729, CVE-2018-5730]. + * Fix a KDC PKINIT memory leak. + * Fix a small KDC memory leak on transited or authdata errors when + processing TGS requests. + * Fix a null dereference when the KDC sends a large TGS reply. + * Fix "kdestroy -A" with the KCM credential cache type. + * Fix the handling of capaths "." values. + * Fix handling of repeated subsection specifications in profile files + (such as when multiple included files specify relations in the same + subsection). + +------------------------------------------------------------------- krb5.changes: same change Old: ---- krb5-1.15.2.tar.gz krb5-1.15.2.tar.gz.asc New: ---- krb5-1.15.3.tar.gz krb5-1.15.3.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ krb5-mini.spec ++++++ --- /var/tmp/diff_new_pack.SnRY0S/_old 2018-05-10 15:44:10.052769865 +0200 +++ /var/tmp/diff_new_pack.SnRY0S/_new 2018-05-10 15:44:10.052769865 +0200 @@ -21,7 +21,7 @@ %define _fillupdir /var/adm/fillup-templates %endif -%define srcRoot krb5-1.15.2 +%define srcRoot krb5-1.15.3 %define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/ %define krb5docdir %{_defaultdocdir}/krb5 @@ -34,7 +34,7 @@ BuildRequires: libcom_err-devel BuildRequires: libselinux-devel BuildRequires: ncurses-devel -Version: 1.15.2 +Version: 1.15.3 Release: 0 Summary: MIT Kerberos5 implementation and libraries with minimal dependencies License: MIT ++++++ krb5.spec ++++++ --- /var/tmp/diff_new_pack.SnRY0S/_old 2018-05-10 15:44:10.080768839 +0200 +++ /var/tmp/diff_new_pack.SnRY0S/_new 2018-05-10 15:44:10.084768692 +0200 @@ -30,7 +30,7 @@ BuildRequires: libcom_err-devel BuildRequires: libselinux-devel BuildRequires: ncurses-devel -Version: 1.15.2 +Version: 1.15.3 Release: 0 Summary: MIT Kerberos5 implementation License: MIT ++++++ krb5-1.15.2.tar.gz -> krb5-1.15.3.tar.gz ++++++ /work/SRC/openSUSE:Factory/krb5/krb5-1.15.2.tar.gz /work/SRC/openSUSE:Factory/.krb5.new/krb5-1.15.3.tar.gz differ: char 5, line 1