[UCI-Linux] Nalin Dahyabhai: [SECURITY] Fedora Core 1 Update: krb5-1.3.4-5

Mike Iglesias IGLESIAS at uci.edu
Wed Sep 1 10:09:57 PDT 2004


Date: Tue, 31 Aug 2004 14:24:47 -0400
From: Nalin Dahyabhai <nalin at redhat.com>
To: fedora-announce-list at redhat.com
Subject: [SECURITY] Fedora Core 1 Update: krb5-1.3.4-5


--===============0961163792==
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="mYCpIKhGyMATD0i+"
Content-Disposition: inline


--mYCpIKhGyMATD0i+
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-276
2004-08-31
---------------------------------------------------------------------

Product     : Fedora Core 1
Name        : krb5
Version     : 1.3.4                     =20
Release     : 5                 =20
Summary     : The Kerberos network authentication system.
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.

---------------------------------------------------------------------
Update Information:

Kerberos is a networked authentication system which uses a trusted
third party (a KDC) to authenticate clients and servers to each
other.

Several double-free bugs were found in the Kerberos 5 KDC and
libraries. A remote attacker could potentially exploit these flaws to
execute arbitrary code. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the names CAN-2004-0642 and
CAN-2004-0643 to these issues.

A double-free bug was also found in the krb524 server
(CAN-2004-0772), however this issue does not affect Fedora Core.

An infinite loop bug was found in the Kerberos 5 ASN.1 decoder
library. A remote attacker may be able to trigger this flaw and cause
a denial of service. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0644 to this issue.

---------------------------------------------------------------------
* Tue Aug 24 2004 Nalin Dahyabhai <nalin at redhat.com> 1.3.4-5

- incorporate revised fixes from Tom Yu for CAN-2004-0642, CAN-2004-0644,
  CAN-2004-0772

* Mon Aug 23 2004 Nalin Dahyabhai <nalin at redhat.com> 1.3.4-4

- rebuild

* Mon Aug 23 2004 Nalin Dahyabhai <nalin at redhat.com> 1.3.4-3

- incorporate fixes from Tom Yu for CAN-2004-0642, CAN-2004-0772
  (MITKRB5-SA-2004-002, #130732)
- incorporate fixes from Tom Yu for CAN-2004-0644 (MITKRB5-SA-2004-003, #13=
0732)

* Tue Jul 27 2004 Nalin Dahyabhai <nalin at redhat.com> 1.3.4-2

- fix indexing error in server sorting patch (#127336)

* Tue Jun 15 2004 Elliot Lee <sopwith at redhat.com>

- rebuilt

* Mon Jun 14 2004 Nalin Dahyabhai <nalin at redhat.com> 1.3.4-0.1

- update to 1.3.4 final

* Mon Jun 07 2004 Nalin Dahyabhai <nalin at redhat.com> 1.3.4-0

- update to 1.3.4 beta1
- remove MITKRB5-SA-2004-001, included in 1.3.4

* Mon Jun 07 2004 Nalin Dahyabhai <nalin at redhat.com> 1.3.3-8

- rebuild

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

215744598787e8555852a42346523ff0  SRPMS/krb5-1.3.4-5.src.rpm
0bdb0a2c01e7682ac61009e86eb79c92  x86_64/krb5-devel-1.3.4-5.x86_64.rpm
575fa819175d43d6835867acb616da45  x86_64/krb5-libs-1.3.4-5.x86_64.rpm
2417f376a3f96de6514432efd70ba550  x86_64/krb5-server-1.3.4-5.x86_64.rpm
f79c01f71dd81127946c5e951ee3fa70  x86_64/krb5-workstation-1.3.4-5.x86_64.rpm
43fd30f8236c8a05edc726d7a9a318c9  x86_64/debug/krb5-debuginfo-1.3.4-5.x86_6=
4.rpm
90924e3b1aa64f7e0780613e49d97a77  x86_64/krb5-libs-1.3.4-5.i386.rpm
201f89557be28e3cbcf6c7e2d23187d0  i386/krb5-devel-1.3.4-5.i386.rpm
90924e3b1aa64f7e0780613e49d97a77  i386/krb5-libs-1.3.4-5.i386.rpm
0ea73ac3eeb55350d9ae5b2bcdf33059  i386/krb5-server-1.3.4-5.i386.rpm
69ecbbe96b6b900c0a8b5f5d76fffbab  i386/krb5-workstation-1.3.4-5.i386.rpm
dfb27688cf0416cb9c051e9df0bbe5ab  i386/debug/krb5-debuginfo-1.3.4-5.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command. =20
---------------------------------------------------------------------


--mYCpIKhGyMATD0i+
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFBNMJrN5vOV3hoi/URAnb8AKCULnNn3DmE8sqyYhHsnmbnw8b/2QCg4Yt7
feruXXynPyxb51cOe9kpjgQ=
=/R5W
-----END PGP SIGNATURE-----

--mYCpIKhGyMATD0i+--



--===============0961163792==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
fedora-announce-list mailing list
fedora-announce-list at redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

--===============0961163792==--



More information about the UCI-Linux mailing list