Kerberos 5 Release 1.7.2

• Announcement
• README file
• Known Bugs
• Documentation
• Retrieving

Kerberos 5 Release 1.7.2 is now available

The MIT Kerberos Team announces the availability of the krb5-1.7.2 release. The detached PGP signature is available without going through the download page, if you wish to verify the authenticity of a distribution you have obtained elsewhere.

Please see the README file for a more complete list of changes.

You may also see the current full list of fixed bugs tracked in our RT bugtracking system.

The Data Encryption Standard (DES) is widely recognized as weak. The krb5-1.7 release will contain measures to encourage sites to migrate away from using single-DES cryptosystems. Among these is a configuration variable that enables "weak" enctypes, but will default to "false" in the future.

Major changes in 1.7.2

This is primarily a bugfix release.

• Fix vulnerabilities:
  • KDC denial of service [MITKRB5-SA-2010-001 CVE-2010-0283]
  • SPNEGO denial of service [MITKRB5-SA-2010-002 CVE-2010-0628]
  • KDC double free [MITKRB5-SA-2010-004 CVE-2010-1320]
  • GSS-API null pointer dereference [MITKRB5-SA-2010-005 CVE-2010-1321]
  • multiple checksum vulnerabilities [MITKRB5-SA-2010-007 CVE-2010-1324 CVE-2010-1323 CVE-2010-4021]
  • kpropd denial of service [MITKRB5-SA-2011-001 CVE-2010-4022]
  • KDC denial of service [MITKRB5-SA-2011-002 CVE-2011-0281 CVE-2011-0282]
  • KDC double-free (PKINIT) [MITKRB5-SA-2011-003 CVE-2011-0284]
  • kadmind frees invalid pointer [MITKRB5-SA-2011-004 CVE-2011-0285]
• Fix the krb5-1.7 KDB master key migration support to handle pre-1.7 databases with master key kvno != 1

Major changes in 1.7.1

This is primarily a bugfix release.

• Fix vulnerabilities: MITKRB5-SA-2009-003 [CVE-2009-3295], MITKRB5-SA-2009-004 [CVE-2009-4212].
• Restore compatibility for talking to older kadminds and kadmin clients for the "addprinc -randkey" operation.
• Fix some build problems and memory leaks.

Major changes in 1.7

The krb5-1.7 release contains a large number of changes, featuring improvements in the following broad areas:

• Compatibility with Microsoft Windows
• Administrator experience
• User experience
• Code quality
• Protocol evolution

Compatibility with Microsoft Windows:

• Follow client principal referrals in the client library when obtaining initial tickets.
• KDC can issue realm referrals for service principals based on domain names.
• Extensions supporting DCE RPC, including three-leg GSS context setup and unencapsulated GSS tokens inside SPNEGO.
• Microsoft GSS_WrapEX, implemented using the gss_iov API, which is similar to the equivalent SSPI functionality. This is needed to support some instances of DCE RPC.
• NTLM recognition support in GSS-API, to facilitate dropping in an NTLM implementation for improved compatibility with older releases of Microsoft Windows.
• KDC support for principal aliases, if the back end supports them. Currently, only the LDAP back end supports aliases.
• Support Microsoft set/change password (RFC 3244) protocol in kadmind.
• Implement client and KDC support for GSS_C_DELEG_POLICY_FLAG, which allows a GSS application to request credential delegation only if permitted by KDC policy.

Administrator experience:

• Install header files for the administration API, allowing third-party software to manipulate the KDC database.
• Incremental propagation support for the KDC database.
• Master key rollover support, making it easier to change master key passwords or encryption types.
• New libdefaults configuration variable "allow_weak_crypto". NOTE: Currently defaults to "true", but may default to "false" in a future release. Setting this variable to "false" will have the effect of removing weak enctypes (currently defined to be all single-DES enctypes) from permitted_enctypes, default_tkt_enctypes, and default_tgs_enctypes.

User experience:

• Provide enhanced GSS-API error message including supplementary details about error conditions.
• In the replay cache, use a hash over the complete ciphertext to avoid false-positive replay indications.

Code quality:

• Replace many uses of "unsafe" string functions. While most of these instances were innocuous, they impeded efficient automatic and manual static code analysis.
• Fix many instances of resource leaks and similar bugs identified by static analysis tools.
• Fix CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-0847 -- various vulnerabilities in SPNEGO and ASN.1 code.

Protocol evolution:

• Remove support for version 4 of the Kerberos protocol (krb4).
• Encryption algorithm negotiation (RFC 4537), allowing clients and application services to negotiate stronger encryption than their KDC supports.
• Flexible Authentication Secure Tunneling (FAST), a preauthentiation framework that can protect the AS exchange from dictionary attacks on weak user passwords.

Known Bugs

Known bugs reported against krb5-1.7.2 are listed here.

Documentation for krb5-1.7.2

Please note that the HTML versions of these documents are converted from texinfo, and that the conversion is imperfect. If you want PostScript or GNU info versions, please download the documentation tarball.

• install guide
• user guide
• admin guide
• krb425 guide
• documentation tarball

Retrieving Kerberos 5 Release 1.7.2

You may retrieve the Kerberos 5 Release 1.7.2 source from here. If you need to acquire the sources from some other distribution site, you may verify them against the detached PGP signature for krb5-1.7.2.