SCIENTIFIC-LINUX-ERRATA Archives

October 2014

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: krb5 on SL5.x i386/x86_64
From:
Bonnie King <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Mon, 13 Oct 2014 17:51:38 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (36 lines) 
Synopsis:          Moderate: krb5 security update
Advisory ID:       SLSA-2014:1255-1
Issue Date:        2014-09-17
CVE Numbers:       CVE-2014-4345
--

A buffer overflow was found in the KADM5 administration server (kadmind)
when it was used with an LDAP back end for the KDC database. A remote,
authenticated attacker could potentially use this flaw to execute
arbitrary code on the system running kadmind. (CVE-2014-4345)

After installing the updated packages, the krb5kdc and kadmind daemons
will be restarted automatically.
--

SL5
  x86_64
    krb5-debuginfo-1.6.1-80.el5_11.i386.rpm
    krb5-debuginfo-1.6.1-80.el5_11.x86_64.rpm
    krb5-libs-1.6.1-80.el5_11.i386.rpm
    krb5-libs-1.6.1-80.el5_11.x86_64.rpm
    krb5-workstation-1.6.1-80.el5_11.x86_64.rpm
    krb5-devel-1.6.1-80.el5_11.i386.rpm
    krb5-devel-1.6.1-80.el5_11.x86_64.rpm
    krb5-server-1.6.1-80.el5_11.x86_64.rpm
    krb5-server-ldap-1.6.1-80.el5_11.x86_64.rpm
  i386
    krb5-debuginfo-1.6.1-80.el5_11.i386.rpm
    krb5-libs-1.6.1-80.el5_11.i386.rpm
    krb5-workstation-1.6.1-80.el5_11.i386.rpm
    krb5-devel-1.6.1-80.el5_11.i386.rpm
    krb5-server-1.6.1-80.el5_11.i386.rpm
    krb5-server-ldap-1.6.1-80.el5_11.i386.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2