MFH: r418903
Update to 1.14.3.
This is a bug fix release.
- Improve some error messages
- Improve documentation
- Allow a principal with nonexistent policy to bypass the minimum password lifetime check, consistent with other aspects of nonexistent policies
- Fix a rare KDC denial of service vulnerability when anonymous client principals are restricted to obtaining TGTs only [CVE-2016-3120]
Security: 62d45229-4fa0-11e6-9d13-206a8a720317
Security: CVE-2016-3120
Approved by: ports-secteam@ (feld@)