Fixes the following security issues:
- CVE-2020-28196: MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before
1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message
because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite
lengths lacks a recursion limit.
Also fix .hash file indentation.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The hash of the NOTICE file has changed due to update in copyright year
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The hash of the NOTICE file has changed due to:
- Update in copyright year
- Rewrapping/indentation changes
- Addition of the license for other parts of the software, but that
are under MIT, so no change from that perspective
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: André Hentschel <nerv@dawncrow.de>
[Thomas:
- remove LIBKRB5_VERSION_MAJOR
- minor tweaks to commit title and Config.in help text]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
