LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for June 20, 2013

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2008-7987 (ipa)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 8 Update: ipa-1.1.0-4.fc8


Date:
    	      Fri, 12 Sep 2008 05:13:48 +0000


Message-ID:
    	      <20080912051348.C132E208D98@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-7987
2008-09-12 04:00:29
--------------------------------------------------------------------------------

Name        : ipa
Product     : Fedora 8
Version     : 1.1.0
Release     : 4.fc8
URL         : http://www.freeipa.org/
Summary     : The Identity, Policy and Audit system
Description :
IPA is an integrated solution to provide centrally managed Identity (machine,
user, virtual machines, groups, authentication credentials), Policy
(configuration settings, access control information) and Audit (events,
logs, analysis thereof).

--------------------------------------------------------------------------------
Update Information:

Security update to address Kerberos master password disclosure flaw
(CVE-2008-3274).    A simple update is not sufficient to resolve the security
issue.  Please *carefully* follow the upgrade instructions at:
http://freeipa.org/page/CVE-2008-3274
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 10 2008 Simo Sorce <ssorce@redhat.com> - 1.1.0-4
- Fix for CVE-2008-3274
- Fix segfault in ipa-kpasswd in case getifaddrs returns a NULL interface
* Sun Jun 29 2008 Simo Sorce <ssorce@redhat.com> - 1.1.0-3
- Add fix for bug #453185
* Mon Jun 23 2008 Simo Sorce <ssorce@redhat.com> - 1.1.0-2
- Rebuild against openldap libraries, mozldap ones do not work properly
* Wed Jun 11 2008 Rob Crittenden <rcritten@redhat.com> - 1.1.0-1
- Update to upstream version 1.1.0
- Patch for indexing memberof attribute
- Patch for indexing uidnumber and gidnumber
- Patch to change DNA default values for replicas
- Patch to fix uninitialized variable in ipa-getkeytab
* Fri May 23 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.0-4
- Add Requires for python-configobj to ipa-admintools
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #457835 - CVE-2008-3274 IPA Kerberos master password disclosure
        https://bugzilla.redhat.com/show_bug.cgi?id=457835
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update ipa' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds