K 10
svn:author
V 2
cy
K 8
svn:date
V 27
2016-07-27T19:26:16.421274Z
K 7
svn:log
V 512
MFH: r419157

Update to 1.13.6.

This is a bug fix release.

* Improve some error messages

* Improve documentation

* Allow a principal with nonexistent policy to bypass the minimum
  password lifetime check, consistent with other aspects of
  nonexistent policies

* Fix a rare KDC denial of service vulnerability when anonymous client
  principals are restricted to obtaining TGTs only [CVE-2016-3120]

Security:	62d45229-4fa0-11e6-9d13-206a8a720317
Security:	CVE-2016-3120

Approved by:	ports-secteam (feld)

END