FSA/F7/FEDORA-2007-0740


[SECURITY] Fedora 7 Update: krb5-1.6.1-2.1.fc7

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-0740
2007-06-27 18:54:40.086390
--------------------------------------------------------------------------------

Name        : krb5
Product     : Fedora 7
Version     : 1.6.1
Release     : 2.1.fc7
Summary     : The Kerberos network authentication system.
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.

--------------------------------------------------------------------------------
Update Information:

This update incorporates fixes for a stack buffer overflow and heap corruption
in the RPC library, and a fix for a potential stack buffer overflow in kadmind.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 27 2007 Nalin Dahyabhai <nalin@redhat.com> 1.6.1-2.1
- incorporate fixes for MITKRB5-SA-2007-004 (CVE-2007-2442,CVE-2007-2443)
  and MITKRB5-SA-2007-005 (CVE-2007-2798)
* Wed Jun 27 2007 Nalin Dahyabhai <nalin@redhat.com>
- preprocess kerberos.ldif into a format FDS will like better, and include
  that as a doc file as well (from 1.6.1-4)
- drop old, incomplete SELinux patch (from 1.6.1-4)
- add patch from Greg Hudson to make srvtab routines report missing-file errors
  at same point that "file" keytab routines do (from 1.6.1-4, #241805)
* Wed Jun 27 2007 Nalin Dahyabhai <nalin@redhat.com> 1.6.1-2.0
- pull up from devel HEAD's 1.6.1-2
* Thu May 24 2007 Nalin Dahyabhai <nalin@redhat.com> 1.6.1-2
- pull patch from svn to undo unintentional chattiness in ftp
- pull patch from svn to handle NULL krb5_get_init_creds_opt structures
  better in a couple of places where they're expected
* Wed May 23 2007 Nalin Dahyabhai <nalin@redhat.com> 1.6.1-1
- update to 1.6.1
- drop no-longer-needed patches for CVE-2007-0956,CVE-2007-0957,CVE-2007-1216
- drop patch for sendto bug in 1.6, fixed in 1.6.1
* Fri May 18 2007 Nalin Dahyabhai <nalin@redhat.com>
- kadmind.init: don't fail outright if the default principal database
  isn't there if it looks like we might be using the kldap plugin
- kadmind.init: attempt to extract the key for the host-specific kadmin
  service when we try to create the keytab
--------------------------------------------------------------------------------
References:

[ 1 ]  CVE-2007-2442
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2442
[ 2 ]  CVE-2007-2443
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2443
[ 3 ]  CVE-2007-2798
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2798
--------------------------------------------------------------------------------
Updated packages:


This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------