SCIENTIFIC-LINUX-ERRATA Archives

April 2018

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: krb5 on SL7.x x86_64
From:
Scott Reid <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Mon, 30 Apr 2018 20:38:15 -0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (35 lines) 
Synopsis:          Moderate: krb5 security, bug fix, and enhancement update

Advisory ID:       SLSA-2018:0666-1

Issue Date:        2018-04-10

CVE Numbers:       CVE-2017-11368

                   CVE-2017-7562

--



Security Fix(es):



* krb5: Authentication bypass by improper validation of certificate EKU

and SAN (CVE-2017-7562)



* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure

(CVE-2017-11368)



Additional Changes:

--



SL7

  x86_64

    krb5-debuginfo-1.15.1-18.el7.i686.rpm

    krb5-debuginfo-1.15.1-18.el7.x86_64.rpm

    krb5-libs-1.15.1-18.el7.i686.rpm

    krb5-libs-1.15.1-18.el7.x86_64.rpm

    krb5-pkinit-1.15.1-18.el7.x86_64.rpm

    krb5-workstation-1.15.1-18.el7.x86_64.rpm

    libkadm5-1.15.1-18.el7.i686.rpm

    libkadm5-1.15.1-18.el7.x86_64.rpm

    krb5-devel-1.15.1-18.el7.i686.rpm

    krb5-devel-1.15.1-18.el7.x86_64.rpm

    krb5-server-1.15.1-18.el7.x86_64.rpm

    krb5-server-ldap-1.15.1-18.el7.x86_64.rpm



- Scientific Linux Development Team

ATOM RSS1 RSS2