c26cb5a Require krb5 with fix for CVE-2018-20217

Authored and Committed by cheimes 5 years ago
    Require krb5 with fix for CVE-2018-20217
    
    A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5
    (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using
    an older encryption type (single-DES, triple-DES, or RC4), the attacker
    can crash the KDC by making an S4U2Self request.
    
    1.16.1-24 comes without Fix-bugs-with-concurrent-use-of-MEMORY-ccaches,
    which caused a regression with IPA.
    
    See: https://nvd.nist.gov/vuln/detail/CVE-2018-20217
    Signed-off-by: Christian Heimes <cheimes@redhat.com>
    Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
    
        
file modified
+2 -1