krb5-1.8 fails to verify MS PAC Checksum when AES 256 is used
Bug #723840 reported by
Dan Searle
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
krb5 (Debian) |
Fix Released
|
Unknown
|
|||
krb5 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Lucid |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: libkrb5-3
libkrb5-3 in Lucid does not work properly when mediating between a Windows 7 client and a 2008R2 KDC after applying MS hotfix KB2425227.
The bug has been reported previously here:
http://
And here:
http://<email address hidden>
However, it's only since the MS hotfix that it has become a problem for us.
Basically, the bug has been fixed in libkrb5-3 version 1.8.3, so all you have to do is update the package.
I'm guessing you're going to get a lot more bug reports on this, trust MS to keep changing the goal posts and making our jobs harder.
Changed in krb5 (Ubuntu): | |
status: | New → In Progress |
assignee: | nobody → Sam Hartman (hartmans) |
Changed in krb5 (Ubuntu): | |
status: | In Progress → Fix Committed |
assignee: | Sam Hartman (hartmans) → nobody |
tags: | added: patch |
Changed in krb5 (Debian): | |
status: | Unknown → Fix Released |
To post a comment you must log in.
I can confirm that compiling and using the new MIT Kerberos 1.8.3 libs fixes the problem I described.