Package Release Info

gssntlmssp-1.2.0-bp154.2.3.1

Update Info: openSUSE-2023-48
Available in Package Hub : 15 SP4 Update

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

gssntlmssp

gssntlmssp-devel

Change Logs

* Wed Feb 15 2023 Martin Hauke <mardnh@gmx.de>

- Adapt license changes from upstream
  * LGPL-3.0-or-later -> ISC
- Upstream moved to github
- Update to version 1.2.0
  * Implement gss_set_cred_option.
  * Allow to gss_wrap even if NEGOTIATE_SEAL is not negotiated.
  * Move HMAC code to OpenSSL EVP API.
  * Fix crash bug when acceptor credentials are NULL.
  * Translations update from Fedora Weblate.
  Fix CVE:
  * CVE-2023-25563 (boo#1208278): multiple out-of-bounds read
    when decoding NTLM fields.
  * CVE-2023-25564 (boo#1208279): memory corruption when decoding
    UTF16 strings.
  * CVE-2023-25565 (boo#1208280): incorrect free when decoding
    target information.
  * CVE-2023-25566 (boo#1208281): memory leak when parsing
    usernames.
  * CVE-2023-25567 (boo#1208282): out-of-bounds read when
    decoding target information.
- Update to version 1.1
  * various build fixes and better compatibility when a MIC is
    requested.
- Update to version 1.0
  * Fix test_gssapi_rfc5587.
  * Actually run tests with make check.
  * Add two tests around NTLMSSP_NEGOTIATE_LMKEY.
  * Refine LM compatibility level logic.
  * Refactor the gssntlm_required_security function.
  * Implement reading LM/NT hashes.
  * Add test for smpasswd-like user files.
  * Return confidentiality status.
  * Fix segfault in sign/seal functions.
  * Fix dummy signature generation.
  * Use UCS16LE instead of UCS-2LE.
  * Provide a zero lm key if the password is too long.
  * Completely omit CBs AV pairs when no CB provided.
  * Change license to the more permissive ISC.
  * Do not require cached users with winbind.
  * Add ability to pass keyfile via cred store.
  * Remove unused parts of Makefile.am.
  * Move attribute names to allocated strings.
  * Adjust serialization for name attributes.
  * Fix crash in acquiring credentials.
  * Fix fallback to external_creds interface.
  * Introduce parse_user_name() function.
  * Add test for parse_user_name.
  * Change how we assemble user names in ASC.
  * Use thread local storage for winbind context.
  * Make per thread winbind context optional.
  * Fixed memleak of usr_cred.
  * Support get_sids request via name attributes.
  * Fixed memory leaks found by valgrind.
- Update to version 0.9
  * add support for getting session key.
  * Add gss_inquire_attrs_for_mech().
  * Return actual data for RFC5587 API.
  * Add new Windows version flags.
  * Add Key exchange also when wanting integrity only.
  * Drop support for GSS_C_MA_NOT_DFLT_MECH.

Version: 0.8.0-bp154.1.68

Version: 0.8.0-bp153.1.21

Version: 0.8.0-bp152.1.10

* Thu Feb 27 2020 Martin Hauke <mardnh@gmx.de>

- Specfile cleanup

* Wed Aug 14 2019 Simona Avornicesei <simona@avornicesei.com>

- Fixed build on Fedora / CentOS

* Wed Aug 14 2019 Simona Avornicesei <simona@avornicesei.com>

- Fixed build on OpenSUSE Tumbleweed

* Tue Apr 23 2019 Simona Avornicesei <simona@avornicesei.com>

- build GSSNTLMSSP package v0.8.0 from https://pagure.io/gssntlmssp

* Thu Apr 18 2019 Simo Sorce <simo@redhat.com>

- New upstream release 0.8.0:
  * Add compatibility with OpenSSL 1.1.0
  * Port some documentation into the tree
  * Rename and split the README file
  * Add support for RFC5801
  * Add support to return SSF value

* Fri Jun 03 2016 Simo Sorce <simo@samba.org>

- New upstream release 0.7.0:
  * Return the actual_mech_type when requested
  * Add test to check actual_mech is actually returned
  * Fix gss_inquire_cred with no creds
  * Return actual mech on accept context too
  * Add test for accept returning mech
  * Add placeholder inquire_name
  * Fix a regression in error handling
  * Check that we are actually asking for a known oid
  * Move setting seq numbers to a spearate function
  * Add context extension to reset crypto state

* Mon Feb 23 2015 Simo Sorce <simo@samba.org>

- Update EPEL to latest version

* Sun Jan 26 2014 Simo Sorce <simo@samba.org>

- Fixes #1058025
- New upstream release 0.3.1:
  * Fix segfault in init context.

* Sun Jan 12 2014 Simo Sorce <simo@samba.org>

- New upstream release 0.3.0:
  * Added support for NTLMv1 Signing and Sealing completing full coverage
    of the NTLM protocol
  * Added a number of GSSAPI calls to inquire, export and import context and
    credentials, in preparation for making it work with GSS-Proxy
  * Various fixes memleak and other fixes

* Wed Dec 04 2013 Simo Sorce <simo@samba.org>

- Backport patch that fixes failures with gss_set_neg_mechs() calls.

* Fri Oct 18 2013 Simo Sorce <simo@samba.org>

- New upstream realease 0.2.0:
  * Add support for acquire_cred_with_password()
  * Fix Signing keys generation
  * Add enterprise names support
  * Add connectionless mode support
  * Add development header gssapi_ntlmssp.h
  * Various bugfixes and tests for new features

* Thu Oct 17 2013 Simo Sorce <simo@samba.org>

- Initial import of 0.1.0