|
|
Subscribe / Log in / New account

Oracle alert ELSA-2013-0656 (krb5)



From:
    	      Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> 


To:
    	      el-errata@oss.oracle.com 


Subject:
    	      [El-errata] ELSA-2013-0656 Moderate: Oracle Linux 6 krb5 security
	update 


Date:
    	      Mon, 18 Mar 2013 21:06:40 -0700


Message-ID:
    	      <5147E450.90702@oracle.com>



Oracle Linux Security Advisory ELSA-2013-0656

https://rhn.redhat.com/errata/RHSA-2013-0656.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
krb5-devel-1.10.3-10.el6_4.1.i686.rpm
krb5-libs-1.10.3-10.el6_4.1.i686.rpm
krb5-pkinit-openssl-1.10.3-10.el6_4.1.i686.rpm
krb5-server-1.10.3-10.el6_4.1.i686.rpm
krb5-server-ldap-1.10.3-10.el6_4.1.i686.rpm
krb5-workstation-1.10.3-10.el6_4.1.i686.rpm

x86_64:
krb5-devel-1.10.3-10.el6_4.1.i686.rpm
krb5-devel-1.10.3-10.el6_4.1.x86_64.rpm
krb5-libs-1.10.3-10.el6_4.1.i686.rpm
krb5-libs-1.10.3-10.el6_4.1.x86_64.rpm
krb5-pkinit-openssl-1.10.3-10.el6_4.1.x86_64.rpm
krb5-server-1.10.3-10.el6_4.1.x86_64.rpm
krb5-server-ldap-1.10.3-10.el6_4.1.i686.rpm
krb5-server-ldap-1.10.3-10.el6_4.1.x86_64.rpm
krb5-workstation-1.10.3-10.el6_4.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/krb5-1.10.3-10.el...



Description of changes:

[1.10.3-10.1]
- incorporate upstream patch to fix a NULL pointer dereference when the 
client
   supplies an otherwise-normal-looking PKINIT request (CVE-2013-1415, 
#917909)
- add patch to avoid dereferencing a NULL pointer in the KDC when handling a
   draft9 PKINIT request (#917909, CVE-2012-1016)


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds