Subject: | |
From: | |
Reply To: | |
Date: | Wed, 19 May 2010 11:20:32 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Important: krb5 security update
Issue date: 2010-05-18
CVE Names: CVE-2010-1321
A NULL pointer dereference flaw was discovered in the MIT Kerberos
Generic Security Service Application Program Interface (GSS-API)
library. A remote, authenticated attacker could use this flaw to crash
any server application using the GSS-API authentication mechanism, by
sending a specially-crafted GSS-API token with a missing checksum field.
(CVE-2010-1321)
All running services using the MIT Kerberos libraries must be restarted
for the update to take effect.
SL 3.0.x
SRPMS:
krb5-1.2.7-72.src.rpm
i386:
krb5-devel-1.2.7-72.i386.rpm
krb5-libs-1.2.7-72.i386.rpm
krb5-server-1.2.7-72.i386.rpm
krb5-workstation-1.2.7-72.i386.rpm
x86_64:
krb5-devel-1.2.7-72.x86_64.rpm
krb5-libs-1.2.7-72.i386.rpm
krb5-libs-1.2.7-72.x86_64.rpm
krb5-server-1.2.7-72.x86_64.rpm
krb5-workstation-1.2.7-72.x86_64.rpm
SL 4.x
SRPMS:
krb5-1.3.4-62.el4_8.2.src.rpm
i386:
krb5-devel-1.3.4-62.el4_8.2.i386.rpm
krb5-libs-1.3.4-62.el4_8.2.i386.rpm
krb5-server-1.3.4-62.el4_8.2.i386.rpm
krb5-workstation-1.3.4-62.el4_8.2.i386.rpm
x86_64:
krb5-devel-1.3.4-62.el4_8.2.x86_64.rpm
krb5-libs-1.3.4-62.el4_8.2.i386.rpm
krb5-libs-1.3.4-62.el4_8.2.x86_64.rpm
krb5-server-1.3.4-62.el4_8.2.x86_64.rpm
krb5-workstation-1.3.4-62.el4_8.2.x86_64.rpm
SL 5.x
SRPMS:
krb5-1.6.1-36.el5_5.4.src.rpm
i386:
krb5-devel-1.6.1-36.el5_5.4.i386.rpm
krb5-libs-1.6.1-36.el5_5.4.i386.rpm
krb5-server-1.6.1-36.el5_5.4.i386.rpm
krb5-workstation-1.6.1-36.el5_5.4.i386.rpm
x86_64:
krb5-devel-1.6.1-36.el5_5.4.i386.rpm
krb5-devel-1.6.1-36.el5_5.4.x86_64.rpm
krb5-libs-1.6.1-36.el5_5.4.i386.rpm
krb5-libs-1.6.1-36.el5_5.4.x86_64.rpm
krb5-server-1.6.1-36.el5_5.4.x86_64.rpm
krb5-workstation-1.6.1-36.el5_5.4.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|