[ol9_baseos_latest] krb5-workstation-1.21.1-9.0.1.el9_7.x86_64

Kerberos is a network authentication system. The krb5-workstation
package contains the basic Kerberos programs (kinit, klist, kdestroy,
kpasswd). If your network uses Kerberos, this package should be
installed on every workstation.

Changelog (Show File list) (Show related packages)

• Wed Apr 22 2026 EL Errata <el-errata_ww@oracle.com> - 1.21.1-9.0.1

  - Fixed race condition in krb5_set_password() [Orabug: 33609767]

• Thu Feb 19 2026 Julien Rische <jrische@redhat.com> - 1.21.1-9

  - krad: packet ID fetched from uninitialized variable
    Resolves: RHEL-150953

• Fri Apr 18 2025 Julien Rische <jrische@redhat.com> - 1.21.1-8

  - Do not block HMAC-MD4/5 in FIPS mode
    Resolves: RHEL-88704
  - Don't issue RC4 session keys by default (CVE-2025-3576)
    Resolves: RHEL-88048
  - Add PKINIT paChecksum2 from MS-PKCA v20230920
    Resolves: RHEL-82647

• Tue Mar 25 2025 Julien Rische <jrische@redhat.com> - 1.21.1-7

  - Add dedicated tests sub-package

• Wed Jan 29 2025 Julien Rische <jrische@redhat.com> - 1.21.1-6

  - Prevent overflow when calculating ulog block size (CVE-2025-24528)
    Resolves: RHEL-76759

• Fri Jan 17 2025 Julien Rische <jrische@redhat.com> - 1.21.1-5

  - Support PKCS11 EC client certs in PKINIT
    Resolves: RHEL-74374
  - kdb5_util: fix DB entry flags on modification
    Resolves: RHEL-56059
  - Add ECDH support for PKINIT (RFC5349)
    Resolves: RHEL-4902

• Thu Oct 17 2024 Julien Rische <jrische@redhat.com> - 1.21.1-4

  - libkrad: implement support for Message-Authenticator (CVE-2024-3596)
    Resolves: RHEL-55423
  - Fix various issues detected by static analysis
    Resolves: RHEL-58216
  - Remove RSA protocol for PKINIT
    Resolves: RHEL-15323

• Fri Jul 05 2024 Julien Rische <jrische@redhat.com> - 1.21.1-3

  - CVE-2024-37370 CVE-2024-37371
    Fix vulnerabilities in GSS message token handling
    Resolves: RHEL-45402 RHEL-45392