Uploaded image for project: 'Hue (READ ONLY)'
  1. Hue (READ ONLY)
  2. HUE-9521

Setting renew lifetime to 0m or with MSFT recent patch fix CVE-2020-17049 will cause KT Renewer not to start.

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 4.8.0
    • Fix Version/s: 5.0.0
    • Component/s: core.api
    • Labels:
      None

      Description

      With JDK 242 and above, most of the services are needed to have disableReferrals in some cases this setting at the jvm level does not take effect and inturn some may set the renew_lifetime in krb5.conf to 0m (essentially disabling it).  The fix is for kt renewer to handle this scenario.

      This patch can be leveraged for CVE-2020-17049.

        Attachments

          Activity

            People

            • Assignee:
              quadoss Mahesh Balakrishnan
              Reporter:
              quadoss Mahesh Balakrishnan
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: