The signature key fingerprint is: E659 41B7 1CF3 C459 A34F A89C 45E7 572A 28CD 8CC8
Changes in Heimdal 7.4:
 - Fix CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation
   This is a critical vulnerability.
   In _krb5_extract_ticket() the KDC-REP service name must be obtained from
   the encrypted version stored in 'enc_part' instead of the unencrypted version
   stored in 'ticket'. Use of the unencrypted version provides an
   opportunity for successful server impersonation and other attacks.
   Identified by Jeffrey Altman, Viktor Duchovni and Nico Williams.
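
The check described in the release note, as an added example that is not part of the original announcement and is not Heimdal's code. It is a simplified model: the struct, function names and principal names are hypothetical, and the sample replies are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of a KDC-REP (hypothetical, not Heimdal's types). */
struct kdc_rep_model {
    const char *ticket_sname;   /* from cleartext 'ticket': no integrity protection */
    const char *enc_part_sname; /* from decrypted 'enc_part': protected by reply key */
};

enum rep_verdict { REP_OK, REP_WRONG_SERVICE, REP_FIELDS_DISAGREE };

/* Pre-fix behaviour as the note describes it: trust the unencrypted name. */
int sname_ok_unencrypted(const char *requested, const struct kdc_rep_model *rep)
{
    return strcmp(requested, rep->ticket_sname) == 0;
}

/* Post-fix behaviour: compare the request against the name in enc_part only. */
int sname_ok_enc_part(const char *requested, const struct kdc_rep_model *rep)
{
    return strcmp(requested, rep->enc_part_sname) == 0;
}

/* Defender's view: accept only on the authenticated name, and flag replies
 * whose cleartext and encrypted names differ, since that is worth logging. */
enum rep_verdict classify_rep(const char *requested, const struct kdc_rep_model *rep)
{
    if (strcmp(rep->ticket_sname, rep->enc_part_sname) != 0)
        return REP_FIELDS_DISAGREE;
    return sname_ok_enc_part(requested, rep) ? REP_OK : REP_WRONG_SERVICE;
}

/* Constructed sample replies for a request for host/files.example.com. */
const struct kdc_rep_model honest_rep =
    { "host/files.example.com", "host/files.example.com" };
const struct kdc_rep_model mismatched_rep =
    { "host/files.example.com", "host/other.example.com" };

int main(void)
{
    const char *req = "host/files.example.com";
    printf("unencrypted check accepts mismatched reply: %d\n",
           sname_ok_unencrypted(req, &mismatched_rep));
    printf("enc_part check accepts mismatched reply:    %d\n",
           sname_ok_enc_part(req, &mismatched_rep));
    printf("verdict for mismatched reply: %d\n", classify_rep(req, &mismatched_rep));
    return 0;
}
```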
On Tue, Jul 11, 2017 at 12:34 PM, <[hidden email]> wrote:
> Dear Heimdal Community,
> A team consisting of staff from Two Sigma Open Source and AuriStor are
> pleased to announce the release of Heimdal 7.4.