This update fixes multiple CVEs and rebases to the latest upstream version:
* Tue Jul 09 2024 Julien Rische <jrische@redhat.com> - 1.21.3-1
- New upstream version (1.21.3)
- CVE-2024-26458: Memory leak in src/lib/rpc/pmap_rmt.c
Resolves: rhbz#2266732
- CVE-2024-26461: Memory leak in src/lib/gssapi/krb5/k5sealv3.c
Resolves: rhbz#2266741
- CVE-2024-26462: Memory leak in src/kdc/ndr.c
Resolves: rhbz#2266743
- Add missing SPDX license identifiers
Resolves: rhbz#2265333
* Mon Jul 08 2024 Julien Rische <jrische@redhat.com> - 1.21.2-6
- CVE-2024-37370 CVE-2024-37371: GSS message token handling
Resolves: rhbz#2294678 rhbz#2294680
- Fix double free in klist's show_ccache()
Resolves: rhbz#2257301
- Do not include files with "~" termination in krb5-tests
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2024-df2c70dba9
Please login to add feedback.
This update has been submitted for testing by jrische.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'passed'.
This update has been pushed to testing.
no regressions noted
FreeIPA tests passed successfully.
This update can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by abbra.
This update has been pushed to stable.