K 10
svn:author
V 2
cy
K 8
svn:date
V 27
2018-05-04T06:18:43.818820Z
K 7
svn:log
V 930
Update 1.16 --> 1.16.1

Major changes in 1.16.1 (2018-05-03)
====================================

This is a bug fix release.

* Fix flaws in LDAP DN checking, including a null dereference KDC
  crash which could be triggered by kadmin clients with administrative
  privileges [CVE-2018-5729, CVE-2018-5730].

* Fix a KDC PKINIT memory leak.

* Fix a small KDC memory leak on transited or authdata errors when
  processing TGS requests.

* Fix a regression in pkinit_cert_match matching of client
  certificates containing Microsoft UPN SANs.

* Fix a null dereference when the KDC sends a large TGS reply.

* Fix "kdestroy -A" with the KCM credential cache type.

* Allow validation of Microsoft PACs containing enterprise names.

* Fix the handling of capaths "." values.

* Fix handling of repeated subsection specifications in profile files
  (such as when multiple included files specify relations in the same
  subsection).

END