Synopsis:	Moderate: krb5 security update
Issue date:	2011-04-14
CVE Names:	CVE-2011-0285

An invalid free flaw was found in the password-changing capability of 
the MIT Kerberos administration daemon, kadmind. A remote, 
unauthenticated attacker could use this flaw to cause kadmind to abort 
via a specially-crafted request. (CVE-2011-0285)

After installing the updated packages, the kadmind daemon will be 
restarted automatically.

SL 6.x

      SRPMS:
krb5-1.8.2-3.el6_0.7.src.rpm
      i386:
krb5-devel-1.8.2-3.el6_0.7.i686.rpm
krb5-libs-1.8.2-3.el6_0.7.i686.rpm
krb5-pkinit-openssl-1.8.2-3.el6_0.7.i686.rpm
krb5-server-1.8.2-3.el6_0.7.i686.rpm
krb5-server-ldap-1.8.2-3.el6_0.7.i686.rpm
krb5-workstation-1.8.2-3.el6_0.7.i686.rpm
      x86_64:
krb5-devel-1.8.2-3.el6_0.7.i686.rpm
krb5-devel-1.8.2-3.el6_0.7.x86_64.rpm
krb5-libs-1.8.2-3.el6_0.7.i686.rpm
krb5-libs-1.8.2-3.el6_0.7.x86_64.rpm
krb5-pkinit-openssl-1.8.2-3.el6_0.7.x86_64.rpm
krb5-server-1.8.2-3.el6_0.7.x86_64.rpm
krb5-server-ldap-1.8.2-3.el6_0.7.i686.rpm
krb5-server-ldap-1.8.2-3.el6_0.7.x86_64.rpm
krb5-workstation-1.8.2-3.el6_0.7.x86_64.rpm

- Scientific Linux Development Team