[SECURITY] Fedora Core 5 Update: krb5-1.4.3-5.4

Tue Apr 3 20:14:48 UTC 2007

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-409
2007-04-03
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : krb5
Version     : 1.4.3
Release     : 5.4
Summary     : The Kerberos network authentication system.
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.

---------------------------------------------------------------------
Update Information:

This update incorporates fixes for MITKRB5-SA-2007-001
(unauthorized access via telnetd), MITKRB5-SA-2007-002
(buffer overflow in KDC and kadmind logging), and
MITKRB5-SA-2007-003 (double-free in kadmind).
---------------------------------------------------------------------
* Tue Apr  3 2007 Nalin Dahyabhai <nalin at redhat.com> 1.4.3-5.4
- add patch to correct unauthorized access via krb5-aware telnet
  daemon (#229782, CVE-2007-0956)
- add patch to fix buffer overflow in krb5kdc and kadmind
  (#231528, CVE-2007-0957)
- add patch to fix double-free in kadmind (#231537, CVE-2007-1216)
* Tue Jan  9 2007 Nalin Dahyabhai <nalin at redhat.com> 1.4.3-5.3
- apply patch from Tom Yu to fix MITKRB-SA-2006-002 (CVE-2006-6143)
* Fri Aug 18 2006 Nalin Dahyabhai <nalin at redhat.com> 1.4.3-5.2
- switch to the updated patch for MITKRB-SA-2006-001
* Tue Aug  8 2006 Nalin Dahyabhai <nalin at redhat.com> 1.4.3-5.1
- apply patch to address MITKRB-SA-2006-001 (CVE-2006-3084)
* Fri Apr 14 2006 Stepan Kasal <skasal at redhat.com>    - 1.4.3-5
- Fix formatting typo in kinit.1 (krb5-kinit-man-typo.patch)

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

aa93427c2746f1bbbe8efe23a5c5467c60d30e08  SRPMS/krb5-1.4.3-5.4.src.rpm
aa93427c2746f1bbbe8efe23a5c5467c60d30e08  noarch/krb5-1.4.3-5.4.src.rpm
48c9018cddb73d08ffb00a90f9881c2aa5903d23  ppc/debug/krb5-debuginfo-1.4.3-5.4.ppc.rpm
cbe7dd65e1789a36643d3f8cf14e99baed64deb5  ppc/krb5-devel-1.4.3-5.4.ppc.rpm
7e3358bcebb4905cd6a1f56d123605b73cd34e76  ppc/krb5-libs-1.4.3-5.4.ppc.rpm
61b890d957e9bcf7c07f63a191dba10035d68214  ppc/krb5-workstation-1.4.3-5.4.ppc.rpm
ff67a4115d83936cd8f6d081f5d46b0184977495  ppc/krb5-server-1.4.3-5.4.ppc.rpm
dc8a46dc68d7ee109980da5aabb6fe79d0f083d6  x86_64/krb5-workstation-1.4.3-5.4.x86_64.rpm
db80ab276f2ad2d0a5ecd609628927b3a9f5696f  x86_64/krb5-server-1.4.3-5.4.x86_64.rpm
539cf0842e40bd7f7e8ae894c2754c77aea19359  x86_64/krb5-libs-1.4.3-5.4.x86_64.rpm
71bb8fd479ef11d7214f34c98e133351fbda6517  x86_64/krb5-devel-1.4.3-5.4.x86_64.rpm
cc6002aab53682ca0168717b93044c732f2767d1  x86_64/debug/krb5-debuginfo-1.4.3-5.4.x86_64.rpm
d6ac9c92d1c2588ee2c2a11aad0120dc8295d0de  i386/krb5-devel-1.4.3-5.4.i386.rpm
5a3a187cb31db326e73458697ac87122df6ed7f5  i386/debug/krb5-debuginfo-1.4.3-5.4.i386.rpm
442af2e9753cf1910e5aa307b55403dd92654204  i386/krb5-server-1.4.3-5.4.i386.rpm
5bc9cfe4e938a4739ef76dd946bab8c66abf579a  i386/krb5-workstation-1.4.3-5.4.i386.rpm
e5fe201c7b63323c6c2a96a0cb5b4176db84407f  i386/krb5-libs-1.4.3-5.4.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------