Public bug reported:
MIT Kerberos 1.10 (including pre-releases and betas) exposed a bug in
the tracking of preauth mechanisms such that, if an authentication fails
after preauth was requested, all subsequent preauth-required
authentications in the same Kerberos context will also fail.
This breaks password change when credentials have expired, and also
breaks try_first_pass functionality in Kerberos PAM modules.
Upstream has fixed this problem in their mainline with commit 25822.
** Affects: krb5 (Ubuntu)
Importance: Undecided
Status: New
** Affects: krb5 (Debian)
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/988520
Title:
After failed auth, subsequent auths in same context fail
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/988520/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
