[SECURITY] Fedora Core 6 Update: krb5-1.5-21
Nalin Dahyabhai
nalin at redhat.com
Tue Apr 3 20:13:33 UTC 2007
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-408
2007-04-03
---------------------------------------------------------------------
Product : Fedora Core 6
Name : krb5
Version : 1.5
Release : 21
Summary : The Kerberos network authentication system.
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.
---------------------------------------------------------------------
Update Information:
This update incorporates fixes for MITKRB5-SA-2007-001
(unauthorized access via telnetd), MITKRB5-SA-2007-002
(buffer overflow in KDC and kadmind logging), and
MITKRB5-SA-2007-003 (double-free in kadmind).
---------------------------------------------------------------------
* Thu Mar 15 2007 Nalin Dahyabhai <nalin at redhat.com> 1.5-21
- add patch to fix buffer overflow in krb5kdc and kadmind
(#231528, CVE-2007-0957)
- add patch to fix double-free in kadmind (#231537, CVE-2007-1216)
* Tue Feb 27 2007 Nalin Dahyabhai <nalin at redhat.com> - 1.5-20
- temporarily back out %post changes, fix for #143289 for security update
- add patch to correct unauthorized access via krb5-aware telnet
daemon (#229782, CVE-2007-0956)
* Thu Jan 25 2007 Nalin Dahyabhai <nalin at redhat.com> - 1.5-19
- refrain from killing any lingering members of our child's process group when
logging that the child process has exited (Jose Plans, #143289)
* Mon Jan 22 2007 Nalin Dahyabhai <nalin at redhat.com> - 1.5-18
- make use of install-info more failsafe (Ville Skyttä, #223704)
* Tue Jan 16 2007 Nalin Dahyabhai <nalin at redhat.com> - 1.5-17
- move to using pregenerated PDF docs to cure multilib conflicts (#222721)
* Fri Jan 12 2007 Nalin Dahyabhai <nalin at redhat.com> - 1.5-16
- update backport of the preauth module interface (part of #194654)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
cc068f79cd7fe62667147cba0b96659ddce60b5b SRPMS/krb5-1.5-21.src.rpm
cc068f79cd7fe62667147cba0b96659ddce60b5b noarch/krb5-1.5-21.src.rpm
98c8b325ddb13f3757fb349cd87c3d61c8eec9bf ppc/krb5-workstation-1.5-21.ppc.rpm
9a20b89bdcfabf503926c17b69f09ab345a86ac3 ppc/krb5-devel-1.5-21.ppc.rpm
bca3beecb2eb73065de7f79982d3190e50fe5b6b ppc/krb5-server-1.5-21.ppc.rpm
411eecd8de23dd486abd96de14b6b45a0fcb481a ppc/krb5-libs-1.5-21.ppc.rpm
7f423433186622ec45cbff24892e58fd3eb08cd9 ppc/debug/krb5-debuginfo-1.5-21.ppc.rpm
a3138abb663b94999499bcc2ffc392710f4782f5 x86_64/debug/krb5-debuginfo-1.5-21.x86_64.rpm
412873d0d6b2ba5b4ac7a60bab868541286ac376 x86_64/krb5-server-1.5-21.x86_64.rpm
59475786c6a7c9702099257fdbd30e1657641da8 x86_64/krb5-workstation-1.5-21.x86_64.rpm
90766b552742d35290b7ac7dca280c1284a5e131 x86_64/krb5-devel-1.5-21.x86_64.rpm
479e1ae2c82899660cc4bcaa8d30fa6b2ad4a32c x86_64/krb5-libs-1.5-21.x86_64.rpm
5440d096e7f74e242c5c2974018f926f2b47e6b9 i386/krb5-workstation-1.5-21.i386.rpm
662953e86cd6f2f9ef8c7b5bf71bb5c76259186a i386/debug/krb5-debuginfo-1.5-21.i386.rpm
6b9fda6d658e97f95a1728e63cbd08b8c8586bed i386/krb5-libs-1.5-21.i386.rpm
4659fe73d50c5542f50bdcf231022fecbfdb677e i386/krb5-server-1.5-21.i386.rpm
5cda24bfe886b33745524085308cf379ae16c216 i386/krb5-devel-1.5-21.i386.rpm
This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------
More information about the Fedora-package-announce
mailing list