Kerberos 5 Release 1.8.6
    
    
    The MIT Kerberos Team announces the availability of the
      krb5-1.8.6 release.  The detached PGP
      signature is available without going through the download
      page, if you wish to verify the authenticity of a distribution
      you have obtained elsewhere.
    
Please see the README file for a
      more complete list of changes.
    
You may also see the current full
      list
	of fixed bugs tracked in our RT bugtracking system.
    
DES transition
    The Data Encryption Standard (DES) is widely recognized as
      weak.  The krb5-1.7 release contains measures to encourage sites
      to migrate away from using single-DES cryptosystems.  Among
      these is a configuration variable that enables "weak" enctypes,
      which now defaults to "false" beginning with krb5-1.8.  The
      krb5-1.8 release includes additional measures to ease the
      transition away from single-DES.  These additional measures
      include:
    
      - enctype config enhancements (so you can do "DEFAULT +des", etc.)
      
- new API to allow applications (e.g. AFS) to explicitly reenable weak
	crypto
      
- easier kadmin history key changes
    
Major changes in 1.8.6
    This is primarily a bugfix release.
    
      - Fix an interaction in iprop that could cause spurious excess kadmind
	processes when a kprop child fails.
    
Major changes in 1.8.5
    This is primarily a bugfix release.
    
      - Fix MITKRB5-SA-2011-006 KDC denial of service
      vulnerabilities [CVE-2011-1528 CVE-2011-1529 CVE-2011-4151].
    
Major changes in 1.8.4
    This is primarily a bugfix release.
    
      - Fix vulnerabilities:
	
	  - KDC uninitialized pointer crash [MITKRB5-SA-2010-006 CVE-2010-1322]
	  
- kpropd denial of service [MITKRB5-SA-2011-001 CVE-2010-4022]
	  
- KDC denial of service attacks [MITKRB5-SA-2011-002
	    CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]
	  
- KDC double-free when PKINIT enabled [MITKRB5-SA-2011-003
	    CVE-2011-0284]
	  
- kadmind frees invalid pointer [MITKRB5-SA-2011-004 CVE-2011-0285]
	
 
- Interoperability:
	
	  - Correctly encrypt GSSAPI forwarded credentials using the session
	    key, not a subkey.
	  
- Set NT-SRV-INST on TGS principal names as expected by some
	    Windows Server Domain Controllers.
	  
- Don't reject AP-REQ messages if their PAC doesn't validate;
	    suppress the PAC instead.
	  
- Correctly validate HMAC-MD5 checksums that use DES keys
	
 
Major changes in 1.8.3
    
      - Behavior Change:
	GSS-API context expiration -- the gss_wrap and gss_unwrap
	functions no longer check for ticket expiration.  Applications
	wishing to enforce ticket lifetimes should check using the
	gss_inquire_context function.  The previous behavior of checking
	for ticket expiration produced results that were not expected by
	application developers, and could lead to poor user experience. 
- Fix an interoperability issue when the Microsoft HMAC-MD5
	checksum type was used with non-RC4 keys.
      
- Fix an interoperability issue with ephemeral Diffie-Hellman
	key exchange in PKINIT that would happen for less than 1% of
	transactions.
    
Major changes in 1.8.2
    This is primarily a bugfix release.
    
      -  Fix vulnerabilities:
	- CVE-2010-1320 KDC double free caused by ticket renewal
	    (MITKRB5-SA-2010-004)
	  
- CVE-2010-1321 GSS-API lib null pointer deref
	    (MITKRB5-SA-2010-005)
	
 
- Allow numeric IPv6 addresses for configuring KDC locations.
    
Major changes in 1.8.1
    This is primarily a bugfix release.
    
      - MITKRB5-SA-2010-002 CVE-2010-0628 denial of service in SPNEGO
      
- Support IPv6 in kpasswd client.
      
- Fix an authorization data type number assignment that
	conflicted with an undocumented Microsoft usage.
    
Major changes in 1.8
    The krb5-1.8 release contains a large number of changes,
      featuring improvements in the following broad areas:
    
      - Code quality
      
- Developer experience
      
- Performance
      
- End-user experience
      
- Administrator experience
      
- Protocol evolution
    
Code quality:
    
      - Move toward test-driven development -- new features have
	test code, or at least written testing procedures.
      
-  Remove applications to a separate distribution to simplify
	independent maintenance.
      
- Increase conformance to coding style
	
	  -  "The great reindent"
	  
-  Selective refactoring
	
 
Developer experience
    
      - Crypto modularity -- vendors can more easily substitute their own
	crypto implementations, which might be hardware-accelerated or
	validated to FIPS 140, for the builtin crypto implementation that
	has historically shipped as part of MIT Kerberos.  Currently, only
	an OpenSSL provider is included, but others are planned for the
	future.
      
- Move toward improved KDB interface
      
- Improved API for verifying and interrogating authorization data
	Performance:
      
- Investigate and remedy repeatedly-reported performance bottlenecks.
      
- Encryption performance -- new crypto API with opaque key structures,
	to allow for optimizations such as caching of derived keys
    
End-user experience:
    
      - Reduce DNS dependence by implementing an interface that allows
	client library to track whether a KDC supports service principal
	referrals.
    
Administrator experience:
    
      - Disable DES by default -- this reduces security exposure from using
	an increasingly insecure cipher.
      
- More versatile crypto configuration, to simplify migration away from
	DES -- new configuration syntax to allow inclusion and exclusion of
	specific algorithms relative to a default set.
      
- Account lockout for repeated login failures -- mitigates online
	password guessing attacks, and helps with some enterprise regulatory
	compliance.
      
- Bridge layer to allow Heimdal HDB modules to act as KDB backend
	modules.  This provides a migration path from a Heimdal to an MIT
	KDC.
    
Protocol evolution:
    
      - FAST enhancements -- preauthentication framework enhancements to
	allow a client to securely negotiate the use of FAST with a KDC of
	unknown capabilities.
      
- Microsoft Services for User (S4U) compatibility: S4U2Self, also
	known as "protocol transition", allows for service to ask a KDC for
	a ticket to themselves on behalf of a client authenticated via a
	different means; S4U2Proxy allows a service to ask a KDC for a
	ticket to another service on behalf of a client.
      
- Anonymous PKINIT -- allows the use of public-key cryptography to
	anonymously authenticate to a realm
      
- Support doing constrained delegation similar to Microsoft's
	S4U2Proxy without the use of the Windows PAC.  This functionality
	uses a protocol compatible with Heimdal.
    
Known Bugs
    Known bugs reported against krb5-1.8.6 are listed
      here.
    
    Please note that the HTML versions of these documents are
      converted from texinfo, and that the conversion is imperfect.
      If you want PostScript or GNU info versions, please download
      the documentation tarball.
    
    
    You may retrieve the Kerberos 5 Release 1.8.6 source from
      here.
      If you need to acquire the sources from some other distribution
      site, you may verify them against the detached
      PGP signature for krb5-1.8.6.
    
    $Id: krb5-1.8.6.html,v 1.1 2012/02/07 03:45:09 tlyu Exp $
    MIT Kerberos
    [ home ]
    [ contact ]