LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Oracle alert ELSA-2012-0306 (krb5)



From:
    	      Errata Announcements for Oracle Linux <el-errata@oracle.com> 


To:
    	      el-errata@oss.oracle.com 


Subject:
    	      [El-errata] ELSA-2012-0306 Low: Oracle Linux 5 krb5 security and
	bug fix update 


Date:
    	      Wed, 07 Mar 2012 15:38:42 -0800


Message-ID:
    	      <4F57F182.5070501@oracle.com>


Archive-link:
    	      Article, Thread
              


Oracle Linux Security Advisory ELSA-2012-0306

https://rhn.redhat.com/errata/RHSA-2012-0306.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
krb5-devel-1.6.1-70.el5.i386.rpm
krb5-libs-1.6.1-70.el5.i386.rpm
krb5-server-1.6.1-70.el5.i386.rpm
krb5-server-ldap-1.6.1-70.el5.i386.rpm
krb5-workstation-1.6.1-70.el5.i386.rpm

x86_64:
krb5-devel-1.6.1-70.el5.i386.rpm
krb5-devel-1.6.1-70.el5.x86_64.rpm
krb5-libs-1.6.1-70.el5.i386.rpm
krb5-libs-1.6.1-70.el5.x86_64.rpm
krb5-server-1.6.1-70.el5.x86_64.rpm
krb5-server-ldap-1.6.1-70.el5.x86_64.rpm
krb5-workstation-1.6.1-70.el5.x86_64.rpm

ia64:
krb5-devel-1.6.1-70.el5.ia64.rpm
krb5-libs-1.6.1-70.el5.i386.rpm
krb5-libs-1.6.1-70.el5.ia64.rpm
krb5-server-1.6.1-70.el5.ia64.rpm
krb5-server-ldap-1.6.1-70.el5.ia64.rpm
krb5-workstation-1.6.1-70.el5.ia64.rpm


SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/krb5-1.6.1-70.el5...


Description of changes:

[1.6.1-70.el5]
- add upstream patch for telnetd buffer overflow (CVE-2011-4862, #770351)

[1.6.1-69.el5]
- ftp: fix a static analysis should-never-happen NULL dereference (#750823)

[1.6.1-68.el5]
- backport fixes to teach libkrb5 to use descriptors higher than FD_SETSIZE
   to talk to a KDC by using poll() if it's detected at compile-time, 
revised
   (#701444, RT#6905)

[1.6.1-67.el5]
- add backported patch by way of jbarbuc to free subkeys created by the
   KDC while processing TGS requests (#708516)

[1.6.1-66.el5]
- add backported patch by way of several people to better avoid false
   detection of replay attacks when talking to systems with coarse time
   resolution (#713500)

[1.6.1-65.el5]
- ftpd: add backported patch to check for errors when calling setegid
   (MITKRB5-SA-2011-005, CVE-2011-1526, #719098)

[1.6.1-64.el5]
- klist: don't trip over referral entries when invoked with -s (#729067,
   RT#6915)


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
http://oss.oracle.com/mailman/listinfo/el-errata
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds