LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Moderate: krb5 security, bug fix, and enhancement update
Advisory ID:       SLSA-2018:0666-1
Issue Date:        2018-04-10
CVE Numbers:       CVE-2017-11368
                   CVE-2017-7562
--

Security Fix(es):

* krb5: Authentication bypass by improper validation of certificate EKU
and SAN (CVE-2017-7562)

* krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure
(CVE-2017-11368)

Additional Changes:
--

SL7
  x86_64
    krb5-debuginfo-1.15.1-18.el7.i686.rpm
    krb5-debuginfo-1.15.1-18.el7.x86_64.rpm
    krb5-libs-1.15.1-18.el7.i686.rpm
    krb5-libs-1.15.1-18.el7.x86_64.rpm
    krb5-pkinit-1.15.1-18.el7.x86_64.rpm
    krb5-workstation-1.15.1-18.el7.x86_64.rpm
    libkadm5-1.15.1-18.el7.i686.rpm
    libkadm5-1.15.1-18.el7.x86_64.rpm
    krb5-devel-1.15.1-18.el7.i686.rpm
    krb5-devel-1.15.1-18.el7.x86_64.rpm
    krb5-server-1.15.1-18.el7.x86_64.rpm
    krb5-server-ldap-1.15.1-18.el7.x86_64.rpm

- Scientific Linux Development Team