[SECURITY] Fedora 7 Update: krb5-1.6.1-4.fc7

updates at fedoraproject.org
Fri Sep 7 17:21:06 UTC 2007


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-2066
2007-09-07 10:21:00.853800
--------------------------------------------------------------------------------

Name        : krb5
Product     : Fedora 7
Version     : 1.6.1
Release     : 4.fc7
Summary     : The Kerberos network authentication system.
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.

--------------------------------------------------------------------------------
Update Information:

The originally-used patch for CVE-2007-3999 didn't completely fix the bug.  This update includes the revised patch.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep  6 2007 Nalin Dahyabhai <nalin at redhat.com> 1.6.1-4
- incorporate updated fix for CVE-2007-3999
- fix incorrect call to "test" in the kadmin init script
* Tue Sep  4 2007 Nalin Dahyabhai <nalin at redhat.com> 1.6.1-3
- incorporate fixes for MITKRB5-SA-2007-006 (CVE-2007-3999, CVE-2007-4000)
* Wed Jun 27 2007 Nalin Dahyabhai <nalin at redhat.com> 1.6.1-2.1
- incorporate fixes for MITKRB5-SA-2007-004 (CVE-2007-2442,CVE-2007-2443)
  and MITKRB5-SA-2007-005 (CVE-2007-2798)
* Wed Jun 27 2007 Nalin Dahyabhai <nalin at redhat.com>
- preprocess kerberos.ldif into a format FDS will like better, and include
  that as a doc file as well (from 1.6.1-4)
- drop old, incomplete SELinux patch (from 1.6.1-4)
- add patch from Greg Hudson to make srvtab routines report missing-file errors
  at same point that "file" keytab routines do (from 1.6.1-4, #241805)
* Wed Jun 27 2007 Nalin Dahyabhai <nalin at redhat.com> 1.6.1-2.0
- pull up from devel HEAD's 1.6.1-2
* Thu May 24 2007 Nalin Dahyabhai <nalin at redhat.com> 1.6.1-2
- pull patch from svn to undo unintentional chattiness in ftp
- pull patch from svn to handle NULL krb5_get_init_creds_opt structures
  better in a couple of places where they're expected
* Wed May 23 2007 Nalin Dahyabhai <nalin at redhat.com> 1.6.1-1
- update to 1.6.1
  - drop no-longer-needed patches for CVE-2007-0956,CVE-2007-0957,CVE-2007-1216
  - drop patch for sendto bug in 1.6, fixed in 1.6.1
* Fri May 18 2007 Nalin Dahyabhai <nalin at redhat.com>
- kadmind.init: don't fail outright if the default principal database
  isn't there if it looks like we might be using the kldap plugin
- kadmind.init: attempt to extract the key for the host-specific kadmin
  service when we try to create the keytab
--------------------------------------------------------------------------------
References:

  [ 1 ] CVE-2007-4743
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4743
--------------------------------------------------------------------------------
Updated packages:


This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------



