Kerberos 5 Release 1.20.1
The MIT Kerberos Team announces the availability of the krb5-1.20.1
release.  The detached PGP signature is available without going through
the download page, if you wish to verify the authenticity of a
distribution you have obtained elsewhere.

Please see the README file for a more complete list of changes.

You may also see the current full list of fixed bugs tracked in our RT
bugtracking system.
    
PAC transition

Beginning with release 1.20, the KDC will include minimal PACs in
tickets instead of AD-SIGNEDPATH authdata.  S4U requests (protocol
transition and constrained delegation) must now contain valid PACs in
the incoming tickets.  If only some KDCs in a realm have been upgraded
across version 1.20, the upgraded KDCs will reject S4U requests
containing tickets from non-upgraded KDCs and vice versa.

Triple-DES transition

Beginning with the krb5-1.19 release, a warning will be issued if
initial credentials are acquired using the des3-cbc-sha1 encryption
type.  In future releases, this encryption type will be disabled by
default and eventually removed.

Beginning with the krb5-1.18 release, single-DES encryption types have
been removed.
    
Major changes in 1.20.1 (2022-11-15)

- Fix integer overflows in PAC parsing [CVE-2022-42898].
- Fix null deref in KDC when decoding invalid NDR.
- Fix memory leak in OTP kdcpreauth module.
- Fix PKCS11 module path search.
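The first item above concerns integer overflows while parsing the PAC.  The following is an added example, not krb5 code and not a reconstruction of the fixed defect: it parses the PACTYPE header and PAC_INFO_BUFFER table as laid out in MS-PAC (little-endian cBuffers/Version, then per-buffer ulType, cbBufferSize and a 64-bit Offset) and shows how a parser keeps its bounds checks correct even when the same logic is written in fixed-width C arithmetic.  The `build_pac` helper only constructs test blobs; the sample buffers and the corrupted offset are constructed inputs.

```python
import struct
from typing import Dict

# Layout from MS-PAC section 2.3 (PACTYPE) and 2.4 (PAC_INFO_BUFFER), little-endian.
HEADER_FMT = "<II"    # cBuffers, Version
INFO_FMT = "<IIQ"     # ulType, cbBufferSize, Offset (from start of the PAC)
HEADER_LEN = struct.calcsize(HEADER_FMT)  # 8
INFO_LEN = struct.calcsize(INFO_FMT)      # 16

# A few well-known ulType values from MS-PAC section 2.4.
PAC_LOGON_INFO = 1
PAC_SERVER_CHECKSUM = 6
PAC_PRIVSVR_CHECKSUM = 7


class PacError(ValueError):
    """Raised for any PAC whose buffer table does not fit the data it came with."""


def parse_pac(data: bytes) -> Dict[int, bytes]:
    """Return {ulType: raw buffer bytes} for a well-formed PAC, else raise PacError.

    Every check is written so that it stays correct in fixed-width arithmetic:
    no attacker-controlled field is multiplied or added before being compared
    against the length of the data actually received.
    """
    total = len(data)
    if total < HEADER_LEN:
        raise PacError("PAC shorter than its header")
    count, version = struct.unpack_from(HEADER_FMT, data, 0)
    if version != 0:
        raise PacError(f"unsupported PAC version {version}")
    # Table size: compare count against what fits, rather than computing
    # count * INFO_LEN (which can wrap in a 32-bit size_t/uint32_t).
    if count > (total - HEADER_LEN) // INFO_LEN:
        raise PacError(f"cBuffers={count} does not fit in {total} bytes")
    buffers: Dict[int, bytes] = {}
    for i in range(count):
        ultype, size, offset = struct.unpack_from(INFO_FMT, data, HEADER_LEN + i * INFO_LEN)
        # Check offset and size separately: offset + size can wrap to a small
        # value, so "offset + size <= total" alone is not a safe test.
        if offset > total or size > total - offset:
            raise PacError(f"buffer type {ultype}: offset {offset} size {size} outside PAC")
        if ultype in buffers:
            raise PacError(f"duplicate buffer type {ultype}")
        buffers[ultype] = bytes(data[offset:offset + size])
    return buffers


def is_well_formed(data: bytes) -> bool:
    """Convenience predicate around parse_pac for callers that only want a verdict."""
    try:
        parse_pac(data)
        return True
    except PacError:
        return False


def build_pac(buffers: Dict[int, bytes]) -> bytes:
    """Construct a PAC blob (test data, not a KDC-issued PAC) with every buffer
    placed at an 8-byte-aligned offset, as MS-PAC requires."""
    count = len(buffers)
    table_end = HEADER_LEN + count * INFO_LEN
    first_offset = (table_end + 7) & ~7
    entries = []
    payload = b""
    for ultype, blob in buffers.items():
        entries.append(struct.pack(INFO_FMT, ultype, len(blob), first_offset + len(payload)))
        payload += blob + b"\x00" * ((-len(blob)) % 8)
    header = struct.pack(HEADER_FMT, count, 0) + b"".join(entries)
    return header + b"\x00" * (first_offset - table_end) + payload


if __name__ == "__main__":
    # Constructed sample: a logon-info buffer plus a 16-byte server checksum.
    good = build_pac({PAC_LOGON_INFO: b"LOGON", PAC_SERVER_CHECKSUM: b"\x00" * 16})
    print(parse_pac(good))
    # Constructed malformed input: a 64-bit offset just below the wrap point,
    # so offset + size would wrap to a small number in uint64 arithmetic.
    bad = bytearray(good)
    struct.pack_into("<Q", bad, HEADER_LEN + 8, 2**64 - 4)
    print(is_well_formed(bytes(bad)))  # False
```

The two checks that matter are the division when sizing the buffer table and the split comparison of offset and size; both avoid forming a sum or product of untrusted fields, which is the step at which a C implementation with 32- or 64-bit operands can wrap.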
    
Major changes in 1.20 (2022-05-26)

- Administrator experience
  - Added a "disable_pac" realm relation to suppress adding PAC authdata
    to tickets, for realms which do not need to support S4U requests.
  - Most credential cache types will use atomic replacement when a cache
    is reinitialized using kinit or refreshed from the client keytab.
  - kprop can now propagate databases with a dump size larger than 4GB,
    if both the client and server are upgraded.
  - kprop can now work over NATs that change the destination IP address,
    if the client is upgraded.

- Developer experience
  - Updated the KDB interface.  The sign_authdata() method is replaced
    with the issue_pac() method, allowing KDB modules to add logon info
    and other buffers to the PAC issued by the KDC.
  - Host-based initiator names are better supported in the GSS krb5
    mechanism.

- Protocol evolution
  - Replaced AD-SIGNEDPATH authdata with minimal PACs.
  - To avoid spurious replay errors, password change requests will not
    be attempted over UDP until the attempt over TCP fails.
  - PKINIT will sign its CMS messages with SHA-256 instead of SHA-1.

- Code quality
  - Updated all code using OpenSSL to be compatible with OpenSSL 3.
  - Reorganized the libk5crypto build system to allow the OpenSSL
    back-end to pull in material from the builtin back-end depending on
    the OpenSSL version.
  - Simplified the PRNG logic to always use the platform PRNG.
  - Converted the remaining Tcl tests to Python.
You may retrieve the Kerberos 5 Release 1.20.1 source from here.  If
you need to acquire the sources from some other distribution site, you
may verify them against the detached PGP signature for krb5-1.20.1.

    $Id: krb5-1.20.1.html,v 1.1 2022/11/15 16:46:16 ghudson Exp $