SCIENTIFIC-LINUX-ERRATA Archives

March 2011

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Important: krb5 on SL6.x i386/x86_64
From:
Troy Dawson <[log in to unmask]>
Reply To:
Troy Dawson <[log in to unmask]>
Date:
Wed, 16 Mar 2011 13:43:49 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (38 lines) 
Synopsis:	Important: krb5 security update

Issue date:	2011-03-16

CVE Names:	CVE-2011-0284



A double-free flaw was found in the way the MIT Kerberos KDC handled

initial authentication requests (AS-REQ), when the KDC was configured to

provide the PKINIT capability. A remote attacker could use this flaw to

cause the KDC daemon to abort by using a specially-crafted AS-REQ 

request. (CVE-2011-0284)



After installing the updated packages, the krb5kdc daemon will be 

restarted automatically.



SL 6.x



      SRPMS:

krb5-1.8.2-3.el6_0.6.src.rpm

      i386:

krb5-devel-1.8.2-3.el6_0.6.i686.rpm

krb5-libs-1.8.2-3.el6_0.6.i686.rpm

krb5-pkinit-openssl-1.8.2-3.el6_0.6.i686.rpm

krb5-server-1.8.2-3.el6_0.6.i686.rpm

krb5-server-ldap-1.8.2-3.el6_0.6.i686.rpm

krb5-workstation-1.8.2-3.el6_0.6.i686.rpm

      x86_64:

krb5-devel-1.8.2-3.el6_0.6.i686.rpm

krb5-devel-1.8.2-3.el6_0.6.x86_64.rpm

krb5-libs-1.8.2-3.el6_0.6.i686.rpm

krb5-libs-1.8.2-3.el6_0.6.x86_64.rpm

krb5-pkinit-openssl-1.8.2-3.el6_0.6.x86_64.rpm

krb5-server-1.8.2-3.el6_0.6.x86_64.rpm

krb5-server-ldap-1.8.2-3.el6_0.6.i686.rpm

krb5-server-ldap-1.8.2-3.el6_0.6.x86_64.rpm

krb5-workstation-1.8.2-3.el6_0.6.x86_64.rpm



-Connie Sieh

-Troy Dawson

ATOM RSS1 RSS2