[ol8_baseos_latest] krb5-pkinit-1.18.2-32.0.1.el8_10.aarch64

Name:	krb5-pkinit
Version:	1.18.2
Release:	32.0.1.el8_10
Architecture:	aarch64
Group:	System Environment/Libraries
Size:	138464
License:	MIT
RPM:	krb5-pkinit-1.18.2-32.0.1.el8_10.aarch64.rpm
Source RPM:	krb5-1.18.2-32.0.1.el8_10.src.rpm
Build Date:	Tue Jun 03 2025
Build Host:	build-ol8-aarch64.oracle.com
Vendor:	Oracle America
URL:	http://web.mit.edu/kerberos/www/
Summary:	The PKINIT module for Kerberos 5
Description:	Kerberos is a network authentication system. The krb5-pkinit package contains the PKINIT plugin, which allows clients to obtain initial credentials from a KDC using a private key and a certificate.

Changelog (Show File list) (Show related packages)

Mon Jun 02 2025 EL Errata <el-errata_ww@oracle.com> - 1.18.2-32.0.1
```
- Fixed race condition in krb5_set_password() [Orabug: 33609767]
```

Thu Apr 24 2025 Julien Rische <jrische@redhat.com> - 1.18.2-32

- Do not block HMAC-MD4/5 in FIPS mode
  Resolves: RHEL-86786
- Don't issue RC4 session keys by default (CVE-2025-3576)
  Resolves: RHEL-88049
- Add PKINIT paChecksum2 from MS-PKCA v20230920
  Resolves: RHEL-82648

Tue Feb 11 2025 Julien Rische <jrische@redhat.com> - 1.18.2-31

- Prevent overflow when calculating ulog block size (CVE-2025-24528)
  Resolves: RHEL-78248
- kdb5_util: fix DB entry flags on modification
  Resolves: RHEL-56060

Thu Oct 17 2024 Julien Rische <jrische@redhat.com> - 1.18.2-30

- libkrad: implement support for Message-Authenticator (CVE-2024-3596)
  Resolves: RHEL-50253
- Remove RSA protocol for PKINIT
  Resolves: RHEL-17616

Mon Jul 01 2024 Julien Rische <jrische@redhat.com> - 1.18.2-29

- CVE-2024-37370 CVE-2024-37371
  Fix vulnerabilities in GSS message token handling
  Resolves: RHEL-45398 RHEL-45386

Tue Apr 09 2024 Julien Rische <jrische@redhat.com> - 1.18.2-28

- Fix leak of default credentials in gss_inquire_cred()
  Resolves: RHEL-32258

Thu Mar 21 2024 Julien Rische <jrische@redhat.com> - 1.18.2-27

- Fix memory leak in GSSAPI interface
  Resolves: RHEL-27250
- Fix memory leak in PMAP RPC interface
  Resolves: RHEL-27244
- Make TCP waiting time configurable
  Resolves: RHEL-17131

Wed Sep 27 2023 Julien Rische <jrische@redhat.com> - 1.18.2-26
```
- Allow to make AD-SIGNEDPATH optional
  Resolves: RHEL-10514
```
Thu Jul 06 2023 Julien Rische <jrische@redhat.com> - 1.18.2-25
```
- Bump release number
```

Wed Jul 05 2023 Julien Rische <jrische@redhat.com> - 1.18.2-24

- Remove downloadable source signature file
- Resolves: rhbz#2219654