Kerberos 5 Release 1.6.3

Kerberos 5 Release 1.6.3 is now available

The MIT Kerberos Team announces the availability of the krb5-1.6.3 release. The detached PGP signature is available without going through the download page, if you wish to verify the authenticity of a distribution you have obtained elsewhere. This is primarily a security fix release, but includes preliminary support for PKINIT. For a complete list of changes, please see this list in our RT bugtracking system.

Major changes in 1.6.3 include

The above are two kadmind vulnerabilities described in MITKRB5-SA-2007-006. CVE-2007-3999 is actually a vulnerability in the RPC library. At this point, PKINIT support should be considered to be ALPHA code. APIs and configuration details may change in the future. We would greatly appreciate testing and feedback of PKINIT support.

Please see the README file for a more complete list of changes.

You may also see the current full list of fixed bugs tracked in our RT bugtracking system.

Known Bugs

Known bugs reported against krb5-1.6.3 are listed here.

Documentation for krb5-1.6.3

Please note that the HTML versions of these documents are converted from texinfo, and that the conversion is imperfect. If you want PostScript or GNU info versions, please download the documentation tarball.

Retrieving Kerberos 5 Release 1.6.3

You may retrieve the Kerberos 5 Release 1.6.3 source from here. If you need to acquire the sources from some other distribution site, you may verify them against the detached PGP signature for krb5-1.6.3.


$Id: krb5-1.6.3.html,v 1.3 2007/10/23 00:02:24 tlyu Exp $
MIT Kerberos [ home ] [ contact ]