K 10 svn:author V 2 cy K 8 svn:date V 27 2016-07-27T19:26:16.421274Z K 7 svn:log V 512 MFH: r419157 Update to 1.13.6. This is a bug fix release. * Improve some error messages * Improve documentation * Allow a principal with nonexistent policy to bypass the minimum password lifetime check, consistent with other aspects of nonexistent policies * Fix a rare KDC denial of service vulnerability when anonymous client principals are restricted to obtaining TGTs only [CVE-2016-3120] Security: 62d45229-4fa0-11e6-9d13-206a8a720317 Security: CVE-2016-3120 Approved by: ports-secteam (feld) END