í«îÛ    krb5-client-1.6.3-132.7.1                                                           Ž­è         <   >     ,     è            ê          ì          9‰ K¿,I¸‹/Ô=½Â„êd –»öútþÒ
‰?µkeHÖ›u
,€´º´¤TyÇ4ªŸ2‘o©ê‹ÒUWsªæü:©©Ž'ÿçÛ“öç,“7êv®e-Ñç"5ïÓà²ËM:‡>v¹.V-÷ÄLd™`Na[à±T·7MÉ;am#ÈÉ”°±Ûì¤_³Î˜³JœØ›}Û.¾Õa%qÈÈ²°ž¼C›f4ƒm4Ò«ýÌJ² ÕCùóêô$X&ñqüK¢Ô«¸š0;BUré2áøÜ¶¶ÂuöÑM}œ*õ¡9ÿ•½ò.´Þ^miÙ/_
P<=ñTÄ2ÜYúK‹%¥ÅºIŽZ§.ÏJrzX*2@ï,œòì›ºFûâÙ<U^~K¬½¬   >   ÿÿÿÀ       Ž­è       9  1+   ?     1      d            è           é           ê           ì   	        í   	   K     î     Ô     ï     Ø     ñ     à     ò     ä     ó     ò     ö     û     ÷          ø   	       ü     =     ý     ^     þ     d          l          Ô     	          
     <          ¤          ^                               Š                    (                    ¸          	,          w     (     §     8     °   8  9        8  :        8  B     ,Ó     F     ,í     G     -      H     -h     I     -Ð     X     -ì     Y     -ø     Z     .     [     .     \     .     ]     .|     ^     /w     b     /ý     c     0ˆ     d     0ê     e     0ï     f     0ô     k     0ö     l     0û     z     1   C krb5-client 1.6.3 132.7.1 MIT Kerberos5 implementation - client programs Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords. This package includes some required
client programs, like kinit, kadmin, ...


Authors:
--------
    The MIT Kerberos Team
    Sam Hartman <hartmans@mit.edu>
    Ken Raeburn <raeburn@mit.edu>
    Tom Yu <tlyu@mit.edu>    K´l²drnek    ì‹openSUSE 11.1 openSUSE X11/MIT http://bugs.opensuse.org Productivity/Networking/Security http://web.mit.edu/kerberos/www/ linux i586                  &P  WP  VÜ  &x  &`  6¨     z  Ø0  G    ©  
C  8  ê  Á  ‡      l  ó  ë¡ÿ¡ÿAíAíííííííAíííí¤¤¤¤¤¤¤¤¤¤¤¤                                                    K´l¯K´l¯K´lK´l©K´l©K´l©K´l¨K´l©K´l¨K´l¨K´l§K´lœK´l¢K´l¥K´lœK´lK´lœK´lœK´lœK´lœK´lœK´lK´lK´lœK´lœK´lœ    92b84a94f8a0dbbeda427de421946757 6d9bed2391e98ca2f77ba3c00ac9e544 bdb09172af51e847bf5c7debfef86019 a91c622f799d7daa398e85ee14cfe764 72c3f53ebaee25d7c712233ef1e4c219 6781c91f218ce1497fa292e20fbb98d9  f64db2dcf7ba6c6dd172e6b02394d52d 10708209b75b575cdf197911d350397c 93efd3f11073c42a676989ad60c76ee6 6a9a44c256019deb0159082c3fa7a5cf 11a077eaa7cacc660475833f34de0cdf 40fe28208d3d2586639e8ddf771593a6 a18b6511d895a94bfbdcfee28466bc5f d907ca06ef8b8f67a01cbcbf0828d9ae ca4cd788504cd8bb56e50f2dc158820f 4501e757bdb151408c2378bb8aa74002 827d754832f8cd48cff54e48bd1843b5 36c172d1eef586a06359cbef8b5f280b 3d807a3444f969a330a356838ec6f6d8 5161a94929d2f35bb0f642312defce53 e85a288750fcb8581169f2cf7236ef1f ../lib/mit/bin/kinit ../lib/mit/bin/klist                                                                                                                     root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root krb5-1.6.3-132.7.1.src.rpm  ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿheimdal-tools heimdal-x11 krb5-client     J  J  @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   Jrpmlib(PayloadFilesHavePrefix) rpmlib(CompressedFileNames) /bin/sh libc.so.6 libc.so.6(GLIBC_2.0) libc.so.6(GLIBC_2.1) libc.so.6(GLIBC_2.1.3) libc.so.6(GLIBC_2.3) libc.so.6(GLIBC_2.3.4) libc.so.6(GLIBC_2.4) libcom_err.so.2 libdes425.so.3 libdl.so.2 libgssapi_krb5.so.2 libgssrpc.so.4 libk5crypto.so.3 libk5crypto.so.3(k5crypto_3_MIT) libkadm5clnt.so.5 libkadm5clnt.so.5(kadm5clnt_5_MIT) libkeyutils.so.1 libkrb4.so.2 libkrb4.so.2(krb4_2_MIT) libkrb5.so.3 libkrb5.so.3(krb5_3_MIT) libkrb5support.so.0 libkrb5support.so.0(krb5support_0_MIT) libresolv.so.2 libss.so.2 rpmlib(PayloadIsLzma) 4.0-1 3.0.4-1                           4.4.2-1 4.4.2.3  K«P@K?ÀIÕú@IÂ3ÀI¿ÀImÓÀIA ÀI?¯@I	¡ÀHÜÎÀH´ÀH‰À@HXøÀH*Ô@Gþ@Gü¯ÀGÚhÀGbp@GUA@G0W@Gâ@FêwÀFæƒ@FßëÀFÞš@F¸^ÀF–ÀFŒÝ@FˆèÀFq-ÀFm9@FA·ÀF9ÎÀF,ŸÀF&@F#e@FÍÀFª@Eì@EÝ…ÀEÙ‘@EÌb@E½áÀEµøÀE´§@E´§@E¤Õ@EšI@EO#ÀEAôÀEòÀDí”ÀDÜq@D×+@DÄ¶@D©Àmc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de olh@suse.de mc@suse.de olh@suse.de olh@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de ro@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de sschober@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de mc@suse.de - fix kadmind denial of service (bnc#591049)
  CVE-2010-0629 - fix integer underflow in AES and RC4 decryption
  CVE-2009-4212, MITKRB5-SA-2009-004 (bnc#561351) - integrate new patches for CVE-2009-0844 and CVE-2009-0845
  (bnc#486722) - more Kerberos denial of service issue fixed (bnc#486722)
  CVE-2009-0844, CVE-2009-0847
  (integrate krb5-1.6-fix-DoS-CVE-2009-0845.dif into
  krb5-1.6-MITKRB5-SA-2009-001.dif)
- fix krb5 code exec (bnc#486723)
  CVE-2009-0846 - fix Kerberos denial of service issue (bnc#485894)
  CVE-2009-0845 - obsolete also old heimdal-lib-XXbit and heimdal-devel-XXbit - do not query IPv6 addresses if no IPv6 address exists on this host
  [bnc#449143] - use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
  (bnc#437293) - obsolete old -XXbit packages (bnc#437293) - in case we use ldap as database backend, ldap should be
  started before krb5kdc - add new fixes to post 1.6.3 patch
  * fix mem leak in krb5_gss_accept_sec_context()
  * keep minor_status
  * kadm5_decrypt_key: A ktype of -1 is documented as meaning
    "to be ignored"
  * Reject socket fds > FD_SETSIZE - add patches from SVN post 1.6.3
  * krb5_string_to_keysalts: Fix an infinite loop
  * fix some mutex issues
  * better recovery from corrupt rcache files
  * some more small fixes - add case-insensitive.dif (FATE#300771)
- minor fixes for ktutil man page
- reduce rpmlint warnings - Fall back to TCP on kdc-unresolvable/unreachable errors.
- restore valid sequence number before generating requests
  (fix changing passwords in mixed ipv4/ipv6 enviroments) - added baselibs.conf file to build xxbit packages
  for multilib support - modify krb5-config to not output rpath and cflags in --libs
  (bnc#378270) - fix two security bugs:
  * MITKRB5-SA-2008-001(CVE-2008-0062, CVE-2008-0063)
    fix double free [bnc#361373]
  * MITKRB5-SA-2008-002(CVE-2008-0947, CVE-2008-0948)
    Memory corruption while too many open file descriptors
    [bnc#363151]
- change default config file. Comment out the examples. - fix several security bugs:
  * CVE-2007-5894 apparent uninit length
  * CVE-2007-5902 integer overflow
  * CVE-2007-5971 free of non-heap pointer and double-free
  * CVE-2007-5972 double fclose()
  [#346745, #346748, #346746, #346749, #346747] - improve GSSAPI error messages - add coreutils to PreReq - update to krb5 version 1.6.3
  * fix CVE-2007-3999, CVE-2007-4743 svc_auth_gss.c buffer overflow
  * fix CVE-2007-4000 modify_policy vulnerability
  * Add PKINIT support
- remove patches which are upstream now
- enhance init scripts and xinetd profiles - update krb5-1.6.2-post.dif
  * If a KDC returns KDC_ERR_SVC_UNAVAILABLE, it appears that
    that the client library will not failover to the next KDC.
    [#310540] - update krb5-1.6.2-post.dif
  * new -S sname option for kvno
  * read_entropy_from_device on partial read will not fill buffer
  * Bail out if encoded "ticket" doesn't decode correctly.
  * patch for referrals loop - fix a problem with the originally published patch
  for MITKRB5-SA-2007-006 - CVE-2007-3999
  [#302377] - fix execute arbitrary code
  (MITKRB5-SA-2007-006 - CVE-2007-3999,2007-4000)
  [#302377] - add krb5-1.6.2-post.dif
  * during the referrals loop, check to see if the
    session key enctype of a returned credential for the final
    service is among the enctypes explicitly selected by the
    application, and retry with old_use_conf_ktypes if it is not.
  * If mkstemp() is available, the new ccache file gets created but
    the subsequent open(O_CREAT|O_EXCL) call fails because the file
    was already created by mkstemp(). Apply patch from Apple to keep
    the file descriptor open. - update to version 1.6.2
- remove krb5-1.6.1-post.dif all fixes are included in this release - change requires to libcom_err-devel - update krb5-1.6.1-post.dif
  * fix leak in krb5_walk_realm_tree
  * rd_req_decoded needs to deal with referral realms
  * fix buffer overflow in kadmind
    (MITKRB5-SA-2007-005 - CVE-2007-2798)
    [#278689]
  * fix kadmind code execution bug
    (MITKRB5-SA-2007-004 - CVE-2007-2442 - CVE-2007-2443)
    [#271191] - fix unstripped-binary-or-object rpmlint warning - fixing rpmlint warnings and errors:
  * merged logrotate scripts kadmin and krb5kdc into a single file
    krb5-server.
  * moved heimdal2mit-DumpConvert.pl and simple_convert_krb5conf.pl
    from /usr/share/doc/packages/krb5 to /usr/lib/mit/helper.
    adapted krb5.spec and README.ConvertHeimdalMIT accordingly.
  * added surpression filter for
    "devel-file-in-non-devel-package /usr/lib/libgssapi_krb5.so"
    (see [#147912]).
  * set default runlevel of init scripts in chkconfig line to 3 and
    5 - fix uninitialized salt length
- add extra check for keytab file - adding krb5-1.6.1-post.dif
  * fix segfault in krb5_get_init_creds_password
  * remove debug output in ftp client
  * profile stores empty string values without double quotes - update to final 1.6.1 version - add plugin directories to main package - update to version 1.6.1 Beta1
- remove obsolete patches
  (krb5-1.6-post.dif, krb5-1.6-patchlevel.dif)
- rework compile_pie patch - update krb5-1.6-post.dif
  * fix kadmind stack overflow in krb5_klog_syslog
    (MITKRB5-SA-2007-002 - CVE-2007-0957)
    [#253548]
  * fix double free attack in the RPC library
    (MITKRB5-SA-2007-003 - CVE-2007-1216)
    [#252487]
  * fix krb5 telnetd login injection
    (MIT-SA-2007-001 - CVE-2007-0956)
    [#247765] - add ncurses-devel and bison to BuildRequires
- rework some patches - move SuSEFirewall service definitions to
  /etc/sysconfig/SuSEfirewall2.d/services - add firewall definition to krb5-server, FATE #300687 - update krb5-1.6-post.dif
- move some applications into the right package - update krb5-1.6-post.dif - krb5-1.6-fix-passwd-tcp.dif and krb5-1.6-fix-sendto_kdc-memset.dif
  are now upstream. Remove patches.
- fix leak in krb5_kt_resolve and krb5_kt_wresolve - fix "local variable used before set" in ftp.c
  [#237684] - krb5-devel should require keyutils-devel - update to version 1.6
  * Major changes in 1.6 include
  * Partial client implementation to handle server name referrals.
  * Pre-authentication plug-in framework, donated by Red Hat.
  * LDAP KDB plug-in, donated by Novell.
- remove obsolete patches - fix for
    kadmind (via RPC library) calls uninitialized function pointer
    (CVE-2006-6143)(Bug #225990)
    krb5-1.5-MITKRB5-SA-2006-002-fix-code-exec.dif
- fix for
    kadmind (via GSS-API mechglue) frees uninitialized pointers
    (CVE-2006-6144)(Bug #225992)
    krb5-1.5-MITKRB5-SA-2006-003-fix-free-of-uninitialized-pointer.dif - Fix Requires in krb5-devel
  [Bug #231008] - fix "local variable used before set" [#217692]
- fix strncat warning - add a default kadm5.dict file
- require $network on daemon start - fix function call with too few arguments [#203837] - update to version 1.5.1
- remove obsolete patches which are now included upstream
  * krb5-1.4.3-MITKRB5-SA-2006-001-setuid-return-checks.dif
  * trunk-fix-uninitialized-vars.dif - krb5 setuid return check fixes
  krb5-1.4.3-MITKRB5-SA-2006-001-setuid-return-checks.dif
  [#182351] - remove update-messages - add check for krb5_prop in services to kpropd init script.
  [#192446] - update to version 1.5
  * KDB abstraction layer, donated by Novell.
  * plug-in architecture, allowing for extension modules to be
    loaded at run-time.
  * multi-mechanism GSS-API implementation ("mechglue"),
    donated by Sun Microsystems
  * Simple and Protected GSS-API negotiation mechanism ("SPNEGO")
    implementation, donated by Sun Microsystems
- remove obsolete patches and add some new heimdal-tools heimdal-x11 drnek 1270115506                                                        [k [i Z¦ Z¨ \ [ü [é [ø [ñ [á Z§ [ [Ž [­ [( [" [& [9 ZÃ [ [$ [4 [B [. [* Zÿ                                         1.6.3-132.7.1                                                                                             kinit klist mit bin kdestroy kinit klist kpasswd krb524init kvno sbin k5srvutil kadmin ktutil kdestroy.1.gz kerberos.1.gz kinit.1.gz klist.1.gz kpasswd.1.gz krb524init.1.gz kvno.1.gz .k5login.5.gz krb5.conf.5.gz k5srvutil.8.gz kadmin.8.gz ktutil.8.gz /usr/bin/ /usr/lib/ /usr/lib/mit/ /usr/lib/mit/bin/ /usr/lib/mit/sbin/ /usr/share/man/man1/ /usr/share/man/man5/ /usr/share/man/man8/ -march=i586 -mtune=i686 -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g obs://build.suse.de/SUSE:openSUSE:11.1:Update:Test/standard/8af9a8ca5b87ebe4c56c19f6ca484ca6-krb5 cpio lzma 2 i586 i586-suse-linux W+T¥7Ps5	øX±ÿ   ?   ÿÿüp   ]   ÿÿÿÿÿÿÿÿ "ÌkÀ%rÞv^¯’/‰ùêŽ½¨IRÝ(,™4r“@ýj…“ø„Éÿ±¹¬UåªûSßwÕ­îÆ›Œ?šþ5ÒœÝßÎº&ˆé÷¹`¢Ë¤TÝêGÆt¿M`ÅfØTžŒ
.èÔ5å g+Ï’ˆ¼ ö_é.ï:§å |ÌØC»Ã6‰’¶³n“DWN´qH6Cõåå[†ÑºÊ‡­‰L²äŸ“„‡Ö¦¬ßh1g¡Þß±²=SêNDˆBZÜ†o¾È‡r>È°M(a¬¶R²Ô“DNÉ›WIv}v?RU4(¢4Jq"GÓöÙ¼:ë,v9Ø–Â@2?2úîO\XùDÒ y®ÍÒüL°Ø›gÛ£SáŒë!6Ôàm#"–Q‘_…;”ŸÅÌld°M¯eüt¸%÷„OUçñRìN®Ž¼ô|x½;9¸ÓÓkšÕÿ3º×ÄEƒlÜÁËä²¹Íúô4ËO-‚°—Óc†GUÍüÞâ¤‘:T-‰¬>’ææmÏÿ8˜MÐø_¶Ï%-@»ì»ÏC	r#ï²"È“,wÜ)¬Zl¨h&?™¹iþ.1»‚TL·¶ÀÄkfå(ø:ÙÉ“"G†ü‘Å.òÕ#©±d3¶x7½öèNGŒÔ)'Šõz£¡¼×ºuÅ‹oÁxõšLö®–’Œ¼’{…õcÛE¯}::OÀ²ÖÖu¯
‡™´Âvô§­ÊŸßÇ³èŠOy¯tÞ[Ì&„æßfGæÉÇ‚3H¥úÀ(âv—ÕV¶®¯lz-ÔC²2¡ª_ù¯­£h¸|½ŠëíÌ
c8S+€êÌÕ'»&Ä] Å÷}+áì…cAgO—úz™?_`Ÿåš/Ð”ÇÓ¥#¡`¹æÜžF^^»¶pVRKÿAÇõÙcV2×#ÿSVAu¸{¨»	f‚KT¸ŽHoÅgôç„'äG´ (ýÃÜ.unå¿SQ¢2™È[Æg4©^8s2äôëL¿g¸9f—àæ!ÉÐøì…brü—É~>$@·	“’*ÿ_„fR°¯}‰%ÿkÛ•ÁÜ“Vº¬áªùÍ§×
7†$z‘•ÚFIÐä)E3Âò*Úgœ¶%t. gFƒéÆªÁ‰ð
.= ÈÖejÛµO§°Ž¨Ž×<<í	ÐÆüm$(júvÉ„¤ZÞM ~C_Ž“©¼F\Òtx å´ÚAéÂA.rÈJÇ·ªËÓe?B¤ÕöÑí²Øx¡®TnvF†÷L p/âZÔqÌ©«n£²ðùrE¾]C×müÞ<£Ð…¼Ã E1î ŽÆcË:dôûÎôBÀ‡rÃ@F÷y§!eû¶rBZaÏ`"!"`µ»XBÉ‰¦/jî… ÑÅ¡f›n{¬¬ÆbS§Vyç8„Ô.ì¦tžÎz±V<„™|43µÿö^0–