[SECURITY] Fedora Core 5 Update: krb5-1.4.3-5.5

Nalin Dahyabhai nalin at redhat.com
Thu Jun 28 13:30:51 UTC 2007


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-620
2007-06-28
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : krb5
Version     : 1.4.3
Release     : 5.5
Summary     : The Kerberos network authentication system.
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.

---------------------------------------------------------------------
Update Information:

This update incorporates fixes for a stack buffer overflow
and heap corruption in the RPC library, and a fix for a
potential stack buffer overflow in kadmind.
---------------------------------------------------------------------
* Wed Jun 27 2007 Nalin Dahyabhai <nalin at redhat.com> 1.4.3-5.5
- incorporate fixes for MITKRB5-SA-2007-004 (CVE-2007-2442,CVE-2007-2443)
  and MITKRB5-SA-2007-005 (CVE-2007-2798)
* Tue Apr  3 2007 Nalin Dahyabhai <nalin at redhat.com> 1.4.3-5.4
- add patch to correct unauthorized access via krb5-aware telnet
  daemon (#229782, CVE-2007-0956)
- add patch to fix buffer overflow in krb5kdc and kadmind
  (#231528, CVE-2007-0957)
- add patch to fix double-free in kadmind (#231537, CVE-2007-1216)
* Tue Jan  9 2007 Nalin Dahyabhai <nalin at redhat.com> 1.4.3-5.3
- apply patch from Tom Yu to fix MITKRB-SA-2006-002 (CVE-2006-6143)
* Fri Aug 18 2006 Nalin Dahyabhai <nalin at redhat.com> 1.4.3-5.2
- switch to the updated patch for MITKRB-SA-2006-001
* Tue Aug  8 2006 Nalin Dahyabhai <nalin at redhat.com> 1.4.3-5.1
- apply patch to address MITKRB-SA-2006-001 (CVE-2006-3084)
* Fri Apr 14 2006 Stepan Kasal <skasal at redhat.com>    - 1.4.3-5
- Fix formatting typo in kinit.1 (krb5-kinit-man-typo.patch)

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

428f5a1a16f261507e780a7468adcf054534228a  SRPMS/krb5-1.4.3-5.5.src.rpm
428f5a1a16f261507e780a7468adcf054534228a  noarch/krb5-1.4.3-5.5.src.rpm
ae9338cee91736eab3a108b8713d4dce56e1e41e  ppc/debug/krb5-debuginfo-1.4.3-5.5.ppc.rpm
7a6a044dbe79c2b1e52bb37493a125c81ec3d61a  ppc/krb5-server-1.4.3-5.5.ppc.rpm
28f4db0ea0ee174c3d027b387e2dc1de3743920a  ppc/krb5-libs-1.4.3-5.5.ppc.rpm
b2b2e49c40a4f2f9896e1968533df905c9bf5a17  ppc/krb5-workstation-1.4.3-5.5.ppc.rpm
d5138a1387d0c53555f30b62453c4acc48c3f850  ppc/krb5-devel-1.4.3-5.5.ppc.rpm
fb2b5ee96faeb4a32e5ebef492e3951f884be0b7  x86_64/debug/krb5-debuginfo-1.4.3-5.5.x86_64.rpm
c38ff027c2fc12e2f5574978d447d3312f46c083  x86_64/krb5-server-1.4.3-5.5.x86_64.rpm
ae8e4ccde571e411765b76813df63179cccb14b0  x86_64/krb5-libs-1.4.3-5.5.x86_64.rpm
a429a9a7e6bc3716bc3762aed47949aafce2fe93  x86_64/krb5-devel-1.4.3-5.5.x86_64.rpm
4097c5826880d51c689cc2ac9598865d2d963d2e  x86_64/krb5-workstation-1.4.3-5.5.x86_64.rpm
dbfb9c6daf7737dba40ef46ee83311179664eddd  i386/krb5-devel-1.4.3-5.5.i386.rpm
b1d93b42f28f0722f758493897ee8036cce1d8ab  i386/krb5-server-1.4.3-5.5.i386.rpm
0d7d3f5d147c26f023e16c5c21f45716bfc04ab2  i386/krb5-libs-1.4.3-5.5.i386.rpm
08bb2e80ac94de576b5bc6129c329fed91e215c1  i386/krb5-workstation-1.4.3-5.5.i386.rpm
270cb51345181477d454f97015af76c5b303a25e  i386/debug/krb5-debuginfo-1.4.3-5.5.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------




More information about the package-announce mailing list