krb5-devel-1.7-6.8.1<>,GLr/=„ gY@EЭH SVT)Fsc2юJXmGg%E7OM}ٲ_/ mx#2Ry+s} r·L f-B|=%fOCD )*`5 z:,9if{y!\ Y4>؜SY"};ᕂ&c#Ǻ<AؗKĠof;9;lFvg]p.t 8UO1Rq|ZP?Ɵ>5?#??d   C 9Z`h0(0 0 0 0  0  0 0 p0 ` x0 8 X x(98@=94=:=F8G80H90I:L0X:|Y:\:0];X0^=S b>c>d>e>f>l>z?Ckrb5-devel1.76.8.1MIT Kerberos5 - Include Files and LibrariesKerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. This package includes Libraries and Include Files for Development Authors: -------- The MIT Kerberos Team Sam Hartman Ken Raeburn Tom Yu Lbuild33*_openSUSE 11.2openSUSEMIT License (or similar)http://bugs.opensuse.orgDevelopment/Libraries/C and C++http://web.mit.edu/kerberos/www/linuxx86_64vd ,vLx $ / ) ,M,gt NquR Fz8t :A큤A큤A큤A큤AAAL{LzL{L{L{L{L{L{L{L{L{L{L{L{L{L{L{L{L{L{L{L{L{L{L{L{L{L{LzLzLzLzLzLzL~LL}LLzL{LzL{L{L{L{LzL}Lz2a75db5aeaec05abbf3ec1aead567a2ebe21792f5dd9a3a38029481fcfe47372f91c9b2cee665f3421bc2e3355373c003cfc117ad1ac43151a35f546cec0b917403ee8110ad3cc74f30bc40a23e0bdd8c9b89cb7e3daed9e44f95e2eb450224a7e8dc05a83c3bb655b95fac7f564df658a7b1d171a74a73bfa83545b8aa2642c1bd74715682a6f39131a776ee8dc455b20d2b1925a4b05c6dc890a3e939eb132cfd90c44ac3c7d334ee5858f51fbc8dca266700779989fe61c33aff82557655b765ad1cf280cdb3cb060df269c9f3daa84cc2ce33b22b20f6c042a0df7be6c224a1726144b202d24767713767ea0ab60238263399d227db271974a79879ec70355d9ccbb16ee455744fcca3e378c29ae1b366ff4e5e93d72aec9e97069c5aaa83a9e08d2c345a237b1fe7060ee1cd69b0824d77565caad240c56ece91ecd4c1b26671d514e31a85adcc62cefb610aad50c8ae580c9cb354a6f6fec354e0e52ee92e306e96486dde65a7549a0a2aec5eac44534bb7846bad66481a90cbb477dd17dbe656df1c1a6f53159ee20f9686b0137b3cd6f0333849cf059f33769cda32d130aec8c18024e2e68401e910f02a14fcb4dcb12a60fc35e2db3a101e2589c5409408e61c41a257c977de8b16dcafe078a571381e42993955808f9de8033245970dfef2b3859d0a665f6a866f0c344e23a708d4b22a3dae276ea922bd6bf94e6dae4c8e70ac3d20fcc191b11cbe65e8e50df8ae43e555d0bf5ddfc65270bc683libgssrpc.so.4.1libk5crypto.so.3.1libkadm5clnt.so.6.0libkadm5srv.so.6.0libkdb5.so.4.0libkrb5.so.3.3libkrb5support.so.0.1rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootkrb5-1.7-6.8.1.src.rpmkrb5-develkrb5-devel(x86-64)   @ rpmlib(VersionedDependencies)krb5libcom_err-develkeyutils-develrpmlib(PayloadFilesHavePrefix)rpmlib(CompressedFileNames)/bin/shrpmlib(PayloadIsLzma)3.0.3-11.74.0-13.0.4-14.4.6-14.7.1L֔KыKŮ@K@KXAK?JY@J&eJ @IU@ImIAI?@I HHH@HXH*@G@GGhGbp@GUA@G0W@G@FwF@FFޚ@F^FF@FFq-Fm9@FAF9F,F&@F#e@FF @E@E݅Eّ@Eb@EEE@E@E@EI@EO#EAEDDq@D+@DĶ@Dmc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.decoolo@novell.commc@suse.demc@suse.demc@suse.deolh@suse.demc@suse.deolh@suse.deolh@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.dero@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.desschober@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.de- Fix multiple checksum handling vulnerabilities (MITKRB5-SA-2010-007, bnc#650650) CVE-2010-1324 * krb5 GSS-API applications may accept unkeyed checksums * krb5 application services may accept unkeyed PAC checksums * krb5 KDC may accept low-entropy KrbFastArmoredReq checksums CVE-2010-1323 * krb5 clients may accept unkeyed SAM-2 challenge checksums * krb5 may accept KRB-SAFE checksums with low-entropy derived keys CVE-2010-4021 * krb5 KDC may issue unrequested tickets due to KrbFastReq forgery - add correct error table when initializing gss-krb5 (bnc#606584, bnc#608295)- fix GSS-API library null pointer dereference CVE-2010-1321, MITKRB5-SA-2010-005 (bnc#596826)- fix a double free vulnerability in the KDC CVE-2010-1320, MITKRB5-SA-2010-004 (bnc#596002)- fix a bug where an unauthenticated remote attacker could cause a GSS-API application including the Kerberos administration daemon (kadmind) to crash. CVE-2010-0628, MITKRB5-SA-2010-002 (bnc#582557)- fix KDC denial of service CVE-2010-0283, MITKRB5-SA-2010-001 (bnc#571781)- fix KDC denial of service in cross-realm referral processing CVE-2009-3295, MITKRB5-SA-2009-003 (bnc#561347) - fix integer underflow in AES and RC4 decryption CVE-2009-4212, MITKRB5-SA-2009-004 (bnc#561351)- readd lost baselibs.conf- update to final 1.7 release- update to version 1.7 Beta2 * Incremental propagation support for the KDC database. * Flexible Authentication Secure Tunneling (FAST), a preauthentiation framework that can protect the AS exchange from dictionary attack. * Implement client and KDC support for GSS_C_DELEG_POLICY_FLAG, which allows a GSS application to request credential delegation only if permitted by KDC policy. * Fix CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-0847 -- various vulnerabilities in SPNEGO and ASN.1 code.- update to pre 1.7 version * Remove support for version 4 of the Kerberos protocol (krb4). * New libdefaults configuration variable "allow_weak_crypto". * Client library now follows client principal referrals, for compatibility with Windows. * KDC can issue realm referrals for service principals based on domain names. * Encryption algorithm negotiation (RFC 4537). * In the replay cache, use a hash over the complete ciphertext to avoid false-positive replay indications. * Microsoft GSS_WrapEX, implemented using the gss_iov API, which is similar to the equivalent SSPI functionality. * DCE RPC, including three-leg GSS context setup and unencapsulated GSS tokens. * NTLM recognition support in GSS-API, to facilitate dropping in an NTLM implementation. * KDC support for principal aliases, if the back end supports them. * Microsoft set/change password (RFC 3244) protocol in kadmind. * Master key rollover support.- obsolete also old heimdal-lib-XXbit and heimdal-devel-XXbit- do not query IPv6 addresses if no IPv6 address exists on this host [bnc#449143]- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade (bnc#437293)- obsolete old -XXbit packages (bnc#437293)- in case we use ldap as database backend, ldap should be started before krb5kdc- add new fixes to post 1.6.3 patch * fix mem leak in krb5_gss_accept_sec_context() * keep minor_status * kadm5_decrypt_key: A ktype of -1 is documented as meaning "to be ignored" * Reject socket fds > FD_SETSIZE- add patches from SVN post 1.6.3 * krb5_string_to_keysalts: Fix an infinite loop * fix some mutex issues * better recovery from corrupt rcache files * some more small fixes- add case-insensitive.dif (FATE#300771) - minor fixes for ktutil man page - reduce rpmlint warnings- Fall back to TCP on kdc-unresolvable/unreachable errors. - restore valid sequence number before generating requests (fix changing passwords in mixed ipv4/ipv6 enviroments)- added baselibs.conf file to build xxbit packages for multilib support- modify krb5-config to not output rpath and cflags in --libs (bnc#378270)- fix two security bugs: * MITKRB5-SA-2008-001(CVE-2008-0062, CVE-2008-0063) fix double free [bnc#361373] * MITKRB5-SA-2008-002(CVE-2008-0947, CVE-2008-0948) Memory corruption while too many open file descriptors [bnc#363151] - change default config file. Comment out the examples.- fix several security bugs: * CVE-2007-5894 apparent uninit length * CVE-2007-5902 integer overflow * CVE-2007-5971 free of non-heap pointer and double-free * CVE-2007-5972 double fclose() [#346745, #346748, #346746, #346749, #346747]- improve GSSAPI error messages- add coreutils to PreReq- update to krb5 version 1.6.3 * fix CVE-2007-3999, CVE-2007-4743 svc_auth_gss.c buffer overflow * fix CVE-2007-4000 modify_policy vulnerability * Add PKINIT support - remove patches which are upstream now - enhance init scripts and xinetd profiles- update krb5-1.6.2-post.dif * If a KDC returns KDC_ERR_SVC_UNAVAILABLE, it appears that that the client library will not failover to the next KDC. [#310540]- update krb5-1.6.2-post.dif * new -S sname option for kvno * read_entropy_from_device on partial read will not fill buffer * Bail out if encoded "ticket" doesn't decode correctly. * patch for referrals loop- fix a problem with the originally published patch for MITKRB5-SA-2007-006 - CVE-2007-3999 [#302377]- fix execute arbitrary code (MITKRB5-SA-2007-006 - CVE-2007-3999,2007-4000) [#302377]- add krb5-1.6.2-post.dif * during the referrals loop, check to see if the session key enctype of a returned credential for the final service is among the enctypes explicitly selected by the application, and retry with old_use_conf_ktypes if it is not. * If mkstemp() is available, the new ccache file gets created but the subsequent open(O_CREAT|O_EXCL) call fails because the file was already created by mkstemp(). Apply patch from Apple to keep the file descriptor open.- update to version 1.6.2 - remove krb5-1.6.1-post.dif all fixes are included in this release- change requires to libcom_err-devel- update krb5-1.6.1-post.dif * fix leak in krb5_walk_realm_tree * rd_req_decoded needs to deal with referral realms * fix buffer overflow in kadmind (MITKRB5-SA-2007-005 - CVE-2007-2798) [#278689] * fix kadmind code execution bug (MITKRB5-SA-2007-004 - CVE-2007-2442 - CVE-2007-2443) [#271191]- fix unstripped-binary-or-object rpmlint warning- fixing rpmlint warnings and errors: * merged logrotate scripts kadmin and krb5kdc into a single file krb5-server. * moved heimdal2mit-DumpConvert.pl and simple_convert_krb5conf.pl from /usr/share/doc/packages/krb5 to /usr/lib/mit/helper. adapted krb5.spec and README.ConvertHeimdalMIT accordingly. * added surpression filter for "devel-file-in-non-devel-package /usr/lib/libgssapi_krb5.so" (see [#147912]). * set default runlevel of init scripts in chkconfig line to 3 and 5- fix uninitialized salt length - add extra check for keytab file- adding krb5-1.6.1-post.dif * fix segfault in krb5_get_init_creds_password * remove debug output in ftp client * profile stores empty string values without double quotes- update to final 1.6.1 version- add plugin directories to main package- update to version 1.6.1 Beta1 - remove obsolete patches (krb5-1.6-post.dif, krb5-1.6-patchlevel.dif) - rework compile_pie patch- update krb5-1.6-post.dif * fix kadmind stack overflow in krb5_klog_syslog (MITKRB5-SA-2007-002 - CVE-2007-0957) [#253548] * fix double free attack in the RPC library (MITKRB5-SA-2007-003 - CVE-2007-1216) [#252487] * fix krb5 telnetd login injection (MIT-SA-2007-001 - CVE-2007-0956) [#247765]- add ncurses-devel and bison to BuildRequires - rework some patches- move SuSEFirewall service definitions to /etc/sysconfig/SuSEfirewall2.d/services- add firewall definition to krb5-server, FATE #300687- update krb5-1.6-post.dif - move some applications into the right package- update krb5-1.6-post.dif- krb5-1.6-fix-passwd-tcp.dif and krb5-1.6-fix-sendto_kdc-memset.dif are now upstream. Remove patches. - fix leak in krb5_kt_resolve and krb5_kt_wresolve- fix "local variable used before set" in ftp.c [#237684]- krb5-devel should require keyutils-devel- update to version 1.6 * Major changes in 1.6 include * Partial client implementation to handle server name referrals. * Pre-authentication plug-in framework, donated by Red Hat. * LDAP KDB plug-in, donated by Novell. - remove obsolete patches- fix for kadmind (via RPC library) calls uninitialized function pointer (CVE-2006-6143)(Bug #225990) krb5-1.5-MITKRB5-SA-2006-002-fix-code-exec.dif - fix for kadmind (via GSS-API mechglue) frees uninitialized pointers (CVE-2006-6144)(Bug #225992) krb5-1.5-MITKRB5-SA-2006-003-fix-free-of-uninitialized-pointer.dif- Fix Requires in krb5-devel [Bug #231008]- fix "local variable used before set" [#217692] - fix strncat warning- add a default kadm5.dict file - require $network on daemon start- fix function call with too few arguments [#203837]- update to version 1.5.1 - remove obsolete patches which are now included upstream * krb5-1.4.3-MITKRB5-SA-2006-001-setuid-return-checks.dif * trunk-fix-uninitialized-vars.dif- krb5 setuid return check fixes krb5-1.4.3-MITKRB5-SA-2006-001-setuid-return-checks.dif [#182351]- remove update-messages- add check for krb5_prop in services to kpropd init script. [#192446]- update to version 1.5 * KDB abstraction layer, donated by Novell. * plug-in architecture, allowing for extension modules to be loaded at run-time. * multi-mechanism GSS-API implementation ("mechglue"), donated by Sun Microsystems * Simple and Protected GSS-API negotiation mechanism ("SPNEGO") implementation, donated by Sun Microsystems - remove obsolete patches and add some newbuild33 1291198104%c%t%}%|%{%~%%d%%%%%%%%%%%%%%%%%a%%%%p%b%o%q%r%s%O%Q%%P%k%%v%%%%y%i%n%1.7-6.8.11.7-6.8.1 gssapigssapi.hgssapi.hgssapi_ext.hgssapi_generic.hgssapi_krb5.hmechglue.hgssrpcauth.hauth_gss.hauth_gssapi.hauth_unix.hclnt.hnetdb.hpmap_clnt.hpmap_prot.hpmap_rmt.hrename.hrpc.hrpc_msg.hsvc.hsvc_auth.htypes.hxdr.hkadm5admin.hchpass_util_strings.hkadm_err.hkdb.hkrb5krb5.hkrb5.hlocate_plugin.hprofile.hmitbinkrb5-configsbinkrb5-send-prlibgssrpc.solibk5crypto.solibkadm5clnt.solibkadm5srv.solibkdb5.solibkrb5.solibkrb5support.sokrb5-config.1.gzkrb5-send-pr.1.gz/usr/include//usr/include/gssapi//usr/include/gssrpc//usr/include/kadm5//usr/include/krb5//usr/lib//usr/lib/mit//usr/lib/mit/bin//usr/lib/mit/sbin//usr/lib64//usr/share/man/man1/-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -gobs://build.opensuse.org/openSUSE:11.2:Update:Test/standard/31bf3f0b290f940406c16ed3410ef2cb-krb5cpiolzma2x86_64-suse-linux8)F?]"k%UCv^D(nm&D(vsΧ仅"a?GkSpŵNoZNOaԀ.j It`Nw!=M1B\_5!+%p`QI}?," %Z:>T4` zS`Tc-r#Lϣ!X`lfCj2}?ua`ݧ* e_/RQMIv`fi[s s{쉵`9!'|WY@õ[NH0lZKx 8GN{Ns(؀tB7˹[" y՜XH}1'utkamS/KL-,Sq9g3Kr}VH mlH{XQbFRF٘7"?%| d ٣#NzL䜑|v&bhA m{$|Dѿ`I<)<pdL\n.͢$ns*}X%.{mh3bMvo}|1îp|7u%m1ؑ3&motΰƵvV8,ݞ/m'x/ch)=o",!H`$4^T[@(ۓvm6* /lj/'š?n0?m=ydG,uYΆ|w=;=SNXyY4(%w "IDvřxi-:_sX15źxZD2*:D[1~e4j;BzI