krb5-plugin-kdb-ldap-1.8.3-67.1e>UA1Ror_nLp^?RT$jS`/_T$ZHWN*8\ 5^G#96M'P8tv>7"?"d " U )JPX            ( i   $ ( %8 ,9 : >@FG HP I X Y \ ]  ^ b!hc!d"me"rf"wl"yz"Ckrb5-plugin-kdb-ldap1.8.367.1MIT Kerberos5 Implementation--LDAP Database PluginKerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of clear text passwords. This package contains the LDAP database plugin. Authors: -------- The MIT Kerberos Team Sam Hartman Ken Raeburn Tom Yu Rcloud134zopenSUSE 11.4openSUSEMIThttp://bugs.opensuse.orgProductivity/Networking/Securityhttp://web.mit.edu/kerberos/www/linuxx86_64)Hf1ZAAAAA큤RRRRRRRRRRRRR9befe1b4b45aba638b43c1ccceeaea20fa2939cd4794184a67a04f165fbd80567c57f32b0558825983e304f00f11709126afdaa65ce6785939d5f65a9a2d10bb2a3e751d54844601312127f8185d9b4eb1fcd93c4ccb180159db4a252051517alibkdb_ldap.so.1.0libkdb_ldap.so.1.0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootkrb5-1.8.3-67.1.src.rpmkldap.so.0()(64bit)kldap.so.0(HIDDEN)(64bit)kldap.so.0(kldap.so.0)(64bit)kldap.so.0(kldap_0_MIT)(64bit)libkdb_ldap.so.1()(64bit)libkdb_ldap.so.1(HIDDEN)(64bit)libkdb_ldap.so.1(kdb_ldap_1_MIT)(64bit)libkdb_ldap.so.1(libkdb_ldap.so.1)(64bit)krb5-plugin-kdb-ldapkrb5-plugin-kdb-ldap(x86-64)  @@@@@@@@@@@@@@@@@@@@@@@@ krb5-server/sbin/ldconfig/sbin/ldconfigrpmlib(PayloadFilesHavePrefix)rpmlib(CompressedFileNames)libc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.8)(64bit)libcom_err.so.2()(64bit)libgssrpc.so.4()(64bit)libgssrpc.so.4(gssrpc_4_MIT)(64bit)libk5crypto.so.3()(64bit)libk5crypto.so.3(k5crypto_3_MIT)(64bit)libkadm5srv_mit.so.7()(64bit)libkadm5srv_mit.so.7(kadm5srv_mit_7_MIT)(64bit)libkdb5.so.4()(64bit)libkdb5.so.4(kdb5_4_MIT)(64bit)libkdb_ldap.so.1()(64bit)libkdb_ldap.so.1(kdb_ldap_1_MIT)(64bit)libkrb5.so.3()(64bit)libkrb5.so.3(krb5_3_MIT)(64bit)libkrb5support.so.0()(64bit)libkrb5support.so.0(krb5support_0_MIT)(64bit)libldap-2.4.so.2()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)rpmlib(PayloadIsLzma)1.8.34.0-13.0.4-14.4.6-14.8.0R|@QzQu&@QLGP@O@NMM~@M6@L8LeL|L|L@LT@KKŮ@KK"@K@K@KK&(JJ@JY@J&eJ @ckornacker@suse.dejohann.luce@wanadoo.frmc@suse.dewr@rosenauer.orgmc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.delchiquitto@novell.commc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.demc@suse.dejengelh@medozas.demc@suse.decoolo@novell.commc@suse.demc@suse.de- fix Multi-realm KDC null deref CVE-2013-1418 (bnc#849240) + added bug-849240-CVE-2013-1418-fix-multi-realm-kdc-null-deref.dif- fix a kpasswd UDP ping-pong security bug (CVE-2002-2443) with CVE-2002-2443.patch- fix prep_reprocess_req NULL pointer deref CVE-2013-1416 (bnc#816413) bug-816413-CVE-2013-1416-prep_reprocess_req-NULL-ptr-deref.dif- fix PKINIT null pointer deref CVE-2013-1415 (bnc#806715) bug-806715-CVE-2013-1415-fix-PKINIT-null-pointer-deref.dif- fix potentially execute code flaws CVE-2012-1015 (bnc#770172)- fix kadmind denial of service via null pointer dereference CVE-2012-1013 (bnc#765485)- fix kdc remote denial of service (MITKRB5-SA-2011-006, bnc#719393) CVE-2011-1528, CVE-2011-1529- fix kadmind invalid pointer free() (MITKRB5-SA-2011-004, bnc#687469) CVE-2011-0285- Fix vulnerability to a double-free condition in KDC daemon (MITKRB5-SA-2011-003, bnc#671717) CVE-2011-0284- Fix kpropd denial of service (MITKRB5-SA-2011-001, bnc#662665) CVE-2010-4022 - Fix KDC denial of service attacks with LDAP back end (MITKRB5-SA-2011-002, bnc#663619) CVE-2011-0281, CVE-2011-0282- Fix multiple checksum handling vulnerabilities (MITKRB5-SA-2010-007, bnc#650650) CVE-2010-1324 * krb5 GSS-API applications may accept unkeyed checksums * krb5 application services may accept unkeyed PAC checksums * krb5 KDC may accept low-entropy KrbFastArmoredReq checksums CVE-2010-1323 * krb5 clients may accept unkeyed SAM-2 challenge checksums * krb5 may accept KRB-SAFE checksums with low-entropy derived keys CVE-2010-4020 * krb5 may accept authdata checksums with low-entropy derived keys CVE-2010-4021 * krb5 KDC may issue unrequested tickets due to KrbFastReq forgery- fix csh profile (bnc#649856)- update to krb5-1.8.3 * remove patches which are now upstrem - krb5-1.7-MITKRB5-SA-2010-004.dif - krb5-1.8.1-gssapi-error-table.dif - krb5-MITKRB5-SA-2010-005.dif- change environment variable PATH directly for csh (bnc#642080)- fix a dereference of an uninitialized pointer while processing authorization data. CVE-2010-1322, MITKRB5-SA-2010-006 (bnc#640990)- add correct error table when initializing gss-krb5 (bnc#606584, bnc#608295)- fix GSS-API library null pointer dereference CVE-2010-1321, MITKRB5-SA-2010-005 (bnc#596826)- fix a double free vulnerability in the KDC CVE-2010-1320, MITKRB5-SA-2010-004 (bnc#596002)- update to version 1.8.1 * include krb5-1.8-POST.dif * include MITKRB5-SA-2010-002- update krb5-1.8-POST.dif- fix a bug where an unauthenticated remote attacker could cause a GSS-API application including the Kerberos administration daemon (kadmind) to crash. CVE-2010-0628, MITKRB5-SA-2010-002 (bnc#582557)- add post 1.8 fixes * Add IPv6 support to changepw.c * fix two problems in kadm5_get_principal mask handling * Ignore improperly encoded signedpath AD elements * handle NT_SRV_INST in service principal referrals * dereference options while checking KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT * Fix the kpasswd fallback from the ccache principal name * Document the ticket_lifetime libdefaults setting * Change KRB5_AUTHDATA_SIGNTICKET from 142 to 512- update to version 1.8 * Increase code quality * Move toward improved KDB interface * Investigate and remedy repeatedly-reported performance bottlenecks. * Reduce DNS dependence by implementing an interface that allows client library to track whether a KDC supports service principal referrals. * Disable DES by default * Account lockout for repeated login failures * Bridge layer to allow Heimdal HDB modules to act as KDB backend modules * FAST enhancements * Microsoft Services for User (S4U) compatibility * Anonymous PKINIT - fix KDC denial of service CVE-2010-0283, MITKRB5-SA-2010-001 (bnc#571781) - fix KDC denial of service in cross-realm referral processing CVE-2009-3295, MITKRB5-SA-2009-003 (bnc#561347) - fix integer underflow in AES and RC4 decryption CVE-2009-4212, MITKRB5-SA-2009-004 (bnc#561351) - moved krb5 applications (telnet, ftp, rlogin, ...) to krb5-appl- add baselibs.conf as a source- enhance '$PATH' only if the directories are available and not empty (bnc#544949)- readd lost baselibs.conf- update to final 1.7 release- update to version 1.7 Beta2 * Incremental propagation support for the KDC database. * Flexible Authentication Secure Tunneling (FAST), a preauthentiation framework that can protect the AS exchange from dictionary attack. * Implement client and KDC support for GSS_C_DELEG_POLICY_FLAG, which allows a GSS application to request credential delegation only if permitted by KDC policy. * Fix CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-0847 -- various vulnerabilities in SPNEGO and ASN.1 code./sbin/ldconfig/sbin/ldconfigcloud134 1384685252 ' q . / 0 b ] ^ N 1.8.3-67.11.8.3-67.1sbinkdb5_ldap_utilkrb5pluginskdbkldap.solibkdb_ldap.solibkdb_ldap.so.1libkdb_ldap.so.1.0krb5kerberos.ldifkerberos.schemakdb5_ldap_util.8.gz/usr/lib/mit//usr/lib/mit/sbin//usr/lib64//usr/lib64/krb5//usr/lib64/krb5/plugins//usr/lib64/krb5/plugins/kdb//usr/share/doc/packages//usr/share/doc/packages/krb5//usr/share/man/man8/-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -gobs://build.opensuse.org/openSUSE:Evergreen:Maintenance:212/openSUSE_Evergreen_11.4/dc830de05bda17529df2d5ca56690536-krb5.openSUSE_Evergreen_11.4drpmlzma5x86_64-suse-linuxie?7p(+?]"k%?8O^͵ жb2eRCP& ؖ׼|nmjdRw ԽyTb5 pwäqredH KWV=&PTӨ>F]Pxж1Gk8.v1Ȣs^ ukVpp=^$9$NHI)G׏.[<[ky,86k|c<ʷqŬ$T$y(REGjLNnj#&"?MfXT߰ R;B:I(MKt|@kd8txy=#@ ͬm7 tϖsxS#b2,xӷ}o<tAӘ_IwvaZJKfVGtŕ"vh%]CVE|r Ȳp|w I\/sg9C=n0̂g@_] q>5i B"{M ^BuĺIݶg_8`ڱ{=4/0_Ȑ<`9niX(u෧l 9uk:6}|o̟za9~ZoǷ} c?q<@Gen\qY 'P/~smJdUThBpܬvT<[- ݃}^'h:x M:t^}#Tſ.Coi"ܚ jN$kԼm7Gj!$үL05<[VK·N,O Q56{Pva#S덽_N8Ur\т S vn#^7U"-4LގKӰMU_bxL˃h*lDO=f= GFxХS+TwrⱰ:IS@8jQiy]Q,ΤBf^hV:Np. 8mmVKA"Y>0fXޫkl,k {yeg3CgshTfT"t]v( 00ߑtoER.V$:y~?x{4r 55%YO57(vF3mڤ90K\6 9q@^b,dalPKV?u's+ MߓOklܣMz$J|+tT;-9lC;Xr-;jTDaөY ǧkz5`k08"i ! Dwq媓U\DS/5uY0q%Hkn5ZJ ϧ1[ڀ3uLMkt|?!YF='7A(JG8=?Ϗĥ~F֞K9nWnaa_MVe(} "=.hPϖ#ZE!mQD<kUم(;Vci* ØֽLRP"Q@_E e.4;H Z/0}Ϧ"/{uneE9e-<#o6L 3*,O{(uF_FBy͘*ٞh^bXp@3fZGZ0TzO,)/f=$ oƬILvqLrGZePܨX\_\!& r/|`!TPFxYkɦE#JzS#k BtZQny=ѡ6)@Y_^A0:uыr钪ɉmܑI.^rl"\L}99Myl$n6i`H*Fm3׺П4y 5p7:\}$i UMv.?0e\@4@ccSDz>iOQmT .P8xUvyQf tm,6$ӆx }߫/FRE /-rڗ{w!(|E_JA/C ͖jPfXSzX