+Release Notes - Heimdal - Version Heimdal 1.4
+
+ New features
+
+ - Support for reading MIT database file directly
+ - KCM is polished up and now used in production
+ - NTLM first class citizen, credentials stored in KCM
+ - Table driven ASN.1 compiler, smaller!, not enabled by default
+ - Native Windows client support
+
+Notes
+
+ - Disabled write support NDBM hdb backend (read still in there) since
+ it can't handle large records, please migrate to a diffrent backend
+ (like BDB4)
+
+Release Notes - Heimdal - Version Heimdal 1.3.3
+
+ Bug fixes
+ - Check the GSS-API checksum exists before trying to use it [CVE-2010-1321]
+ - Check NULL pointers before dereference them [kdc]
+
+Release Notes - Heimdal - Version Heimdal 1.3.2
+
+ Bug fixes
+
+ - Don't mix length when clearing hmac (could memset too much)
+ - More paranoid underrun checking when decrypting packets
+ - Check the password change requests and refuse to answer empty packets
+ - Build on OpenSolaris
+ - Renumber AD-SIGNED-TICKET since it was stolen from US
+ - Don't cache /dev/*random file descriptor, it doesn't get unloaded
+ - Make C++ safe
+ - Misc warnings
+
+Release Notes - Heimdal - Version Heimdal 1.3.1
+
+ Bug fixes
+
+ - Store KDC offset in credentials
+ - Many many more bug fixes
+
+Release Notes - Heimdal - Version Heimdal 1.3.1
+
+ New features
+
+ - Make work with OpenLDAPs krb5 overlay
+
Release Notes - Heimdal - Version Heimdal 1.3
New features
- - Partital support for MIT kadmind rpc protocol in kadmind
+ - Partial support for MIT kadmind rpc protocol in kadmind
- Better support for finding keytab entries when using SPN aliases in the KDC
- Support BER in ASN.1 library (needed for CMS)
- Support decryption in Keychain private keys
- Support for new sqlite based credential cache
- - Try both to KDC referals the the common DNS reverse lookup in GSS-API.
- - Fix the KCM not not leak resources on failure
- - Add IPv6 support to iprop.
+ - Try both KDC referals and the common DNS reverse lookup in GSS-API
+ - Fix the KCM to not leak resources on failure
+ - Add IPv6 support to iprop
- Support localization of error strings in
- kinit/klist/kdestroy and Kerberos library.
+ kinit/klist/kdestroy and Kerberos library
- Remove Kerberos 4 support in application (still in KDC)
- Deprecate DES
- Support i18n password in windows domains (using UTF-8)
- More complete API emulation of OpenSSL in hcrypto
+ - Support for ECDSA and ECDH when linking with OpenSSL
API changes