system environment/libraries

krb5-pkinit-openssl - The PKINIT module for Kerberos 5

Website: http://web.mit.edu/kerberos/www/
License: MIT
Vendor: Scientific Linux
Description:
Kerberos is a network authentication system. The krb5-pkinit
package contains the PKINIT plugin, which allows clients
to obtain initial credentials from a KDC using a private key and a
certificate.

Packages

krb5-pkinit-openssl-1.10.3-42z1.el6_7.i686 [123 KiB] Changelog by Robbie Harwood (2016-02-12):
- Fix CVE-2015-8629 and CVE-2015-8631
- Also fix a spec trigger issue that prevents building
- Resolves: #1306973
krb5-pkinit-openssl-1.10.3-37.el6_6.i686 [121 KiB] Changelog by Roland Mainz (2015-04-01):
- fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated
  denial of service in recvauth_common() and others"
krb5-pkinit-openssl-1.10.3-33.el6.i686 [120 KiB] Changelog by Nalin Dahyabhai (2014-08-06):
- actually apply that last patch
krb5-pkinit-openssl-1.10.3-10.el6_4.3.i686 [116 KiB] Changelog by Nalin Dahyabhai (2013-05-31):
- pull up fix for UDP ping-pong flaw in kpasswd service (CVE-2002-2443,
krb5-pkinit-openssl-1.10.3-10.el6_4.2.i686 [116 KiB] Changelog by Nalin Dahyabhai (2013-04-09):
- incorporate upstream patch to fix a NULL pointer dereference while processing
  certain TGS requests (CVE-2013-1416, #950342)
krb5-pkinit-openssl-1.10.3-10.el6_4.1.i686 [116 KiB] Changelog by Nalin Dahyabhai (2013-03-05):
- incorporate upstream patch to fix a NULL pointer dereference when the client
  supplies an otherwise-normal-looking PKINIT request (CVE-2013-1415, #917909)
- add patch to avoid dereferencing a NULL pointer in the KDC when handling a
  draft9 PKINIT request (#917909, CVE-2012-1016)

Listing created by Repoview-0.6.6-4.el7