Oracle alert ELSA-2015-0794 (krb5)
| From: | Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> | |
| To: | el-errata@oss.oracle.com | |
| Subject: | [El-errata] ELSA-2015-0794 Moderate: Oracle Linux 6 krb5 security update | |
| Date: | Thu, 09 Apr 2015 07:49:39 -0700 | |
| Message-ID: | <55269183.7000208@oracle.com> |
Oracle Linux Security Advisory ELSA-2015-0794 http://linux.oracle.com/errata/ELSA-2015-0794.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: krb5-devel-1.10.3-37.el6_6.i686.rpm krb5-libs-1.10.3-37.el6_6.i686.rpm krb5-pkinit-openssl-1.10.3-37.el6_6.i686.rpm krb5-server-1.10.3-37.el6_6.i686.rpm krb5-server-ldap-1.10.3-37.el6_6.i686.rpm krb5-workstation-1.10.3-37.el6_6.i686.rpm x86_64: krb5-devel-1.10.3-37.el6_6.i686.rpm krb5-devel-1.10.3-37.el6_6.x86_64.rpm krb5-libs-1.10.3-37.el6_6.i686.rpm krb5-libs-1.10.3-37.el6_6.x86_64.rpm krb5-pkinit-openssl-1.10.3-37.el6_6.x86_64.rpm krb5-server-1.10.3-37.el6_6.x86_64.rpm krb5-server-ldap-1.10.3-37.el6_6.i686.rpm krb5-server-ldap-1.10.3-37.el6_6.x86_64.rpm krb5-workstation-1.10.3-37.el6_6.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/krb5-1.10.3-37.el... Description of changes: [1.10.3-37] - fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated denial of service in recvauth_common() and others" [1.10.3-36] - fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy name crash" [1.10.3-35] - Changelog fixes to make errata subsystem happy. [1.10.3-34] - fix for CVE-2014-5352 (#1179856) "gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)" - fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)" - fix for CVE-2014-9422 (#1179861) "kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)" _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata