mirror of
git://slackware.nl/current.git
synced 2025-01-03 23:03:22 +01:00
45ec128def
patches/packages/krb5-1.19.2-x86_64-3_slack15.0.txz: Rebuilt.
Fixed integer overflows in PAC parsing.
Fixed memory leak in OTP kdcpreauth module.
Fixed PKCS11 module path search.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-42898
(* Security fix *)
patches/packages/mozilla-firefox-102.5.0esr-x86_64-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/102.5.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2022-48/
https://www.cve.org/CVERecord?id=CVE-2022-45403
https://www.cve.org/CVERecord?id=CVE-2022-45404
https://www.cve.org/CVERecord?id=CVE-2022-45405
https://www.cve.org/CVERecord?id=CVE-2022-45406
https://www.cve.org/CVERecord?id=CVE-2022-45408
https://www.cve.org/CVERecord?id=CVE-2022-45409
https://www.cve.org/CVERecord?id=CVE-2022-45410
https://www.cve.org/CVERecord?id=CVE-2022-45411
https://www.cve.org/CVERecord?id=CVE-2022-45412
https://www.cve.org/CVERecord?id=CVE-2022-45416
https://www.cve.org/CVERecord?id=CVE-2022-45418
https://www.cve.org/CVERecord?id=CVE-2022-45420
https://www.cve.org/CVERecord?id=CVE-2022-45421
(* Security fix *)
patches/packages/mozilla-thunderbird-102.5.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.5.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/
https://www.cve.org/CVERecord?id=CVE-2022-45403
https://www.cve.org/CVERecord?id=CVE-2022-45404
https://www.cve.org/CVERecord?id=CVE-2022-45405
https://www.cve.org/CVERecord?id=CVE-2022-45406
https://www.cve.org/CVERecord?id=CVE-2022-45408
https://www.cve.org/CVERecord?id=CVE-2022-45409
https://www.cve.org/CVERecord?id=CVE-2022-45410
https://www.cve.org/CVERecord?id=CVE-2022-45411
https://www.cve.org/CVERecord?id=CVE-2022-45412
https://www.cve.org/CVERecord?id=CVE-2022-45416
https://www.cve.org/CVERecord?id=CVE-2022-45418
https://www.cve.org/CVERecord?id=CVE-2022-45420
https://www.cve.org/CVERecord?id=CVE-2022-45421
(* Security fix *)
patches/packages/samba-4.15.12-x86_64-1_slack15.0.txz: Upgraded.
Fixed a security issue where Samba's Kerberos libraries and AD DC failed
to guard against integer overflows when parsing a PAC on a 32-bit system,
which allowed an attacker with a forged PAC to corrupt the heap.
For more information, see:
https://www.samba.org/samba/security/CVE-2022-42898.html
https://www.cve.org/CVERecord?id=CVE-2022-42898
(* Security fix *)
patches/packages/xfce4-settings-4.16.5-x86_64-1_slack15.0.txz: Upgraded.
This update fixes regressions in the previous security fix:
mime-settings: Properly quote command parameters.
Revert "Escape characters which do not belong into an URI/URL (Issue #390)."
35 lines
1.1 KiB
Text
35 lines
1.1 KiB
Text
[kdcdefaults]
|
|
kdc_listen = 88
|
|
kdc_tcp_listen = 88
|
|
|
|
[realms]
|
|
ATHENA.MIT.EDU = {
|
|
kadmind_port = 749
|
|
max_life = 12h 0m 0s
|
|
max_renewable_life = 7d 0h 0m 0s
|
|
master_key_type = aes256-cts-hmac-sha1-96
|
|
supported_enctypes = aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal
|
|
database_module = openldap_ldapconf
|
|
}
|
|
|
|
[logging]
|
|
kdc = FILE:/var/kerberos/krb5kdc/kdc.log
|
|
admin_server = FILE:/var/kerberos/krb5kdc/kadmin.log
|
|
|
|
[dbdefaults]
|
|
ldap_kerberos_container_dn = cn=krbcontainer,dc=mit,dc=edu
|
|
|
|
[dbmodules]
|
|
openldap_ldapconf = {
|
|
db_library = kldap
|
|
disable_last_success = true
|
|
ldap_kdc_dn = "cn=krbadmin,dc=mit,dc=edu"
|
|
# this object needs to have read rights on
|
|
# the realm container and principal subtrees
|
|
ldap_kadmind_dn = "cn=krbadmin,dc=mit,dc=edu"
|
|
# this object needs to have read and write rights on
|
|
# the realm container and principal subtrees
|
|
ldap_service_password_file = /etc/kerberos/service.keyfile
|
|
ldap_servers = ldaps://kerberos.mit.edu
|
|
ldap_conns_per_server = 5
|
|
}
|