[El-errata] ELSA-2010-0423 Important: Enterprise Linux 5 krb5 security update
Errata Announcements for Enterprise Linux
el-errata at oss.oracle.com
Tue May 18 19:27:01 PDT 2010
Enterprise Linux Security Advisory ELSA-2010-0423
https://rhn.redhat.com/errata/RHSA-2010-0423.html
The following updated rpms for Enterprise Linux 5 have been uploaded to
the Unbreakable Linux Network:
i386:
krb5-devel-1.6.1-36.el5_5.4.i386.rpm
krb5-libs-1.6.1-36.el5_5.4.i386.rpm
krb5-server-1.6.1-36.el5_5.4.i386.rpm
krb5-workstation-1.6.1-36.el5_5.4.i386.rpm
x86_64:
krb5-devel-1.6.1-36.el5_5.4.i386.rpm
krb5-devel-1.6.1-36.el5_5.4.x86_64.rpm
krb5-libs-1.6.1-36.el5_5.4.i386.rpm
krb5-libs-1.6.1-36.el5_5.4.x86_64.rpm
krb5-server-1.6.1-36.el5_5.4.x86_64.rpm
krb5-workstation-1.6.1-36.el5_5.4.x86_64.rpm
ia64:
krb5-devel-1.6.1-36.el5_5.4.ia64.rpm
krb5-libs-1.6.1-36.el5_5.4.i386.rpm
krb5-libs-1.6.1-36.el5_5.4.ia64.rpm
krb5-server-1.6.1-36.el5_5.4.ia64.rpm
krb5-workstation-1.6.1-36.el5_5.4.ia64.rpm
SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/krb5-1.6.1-36.el5_5.4.src.rpm
Description of changes:
[1.6.1-36.el5_5.4]
- add candidate patch to correct KDC null pointer dereference which
could be triggered by malformed client requests (CVE-2010-1321, #583703)
[1.6.1-36.el5_5.3]
- add upstream patch to fix a few use-after-free bugs, including one in
kadmind (CVE-2010-0629, #578185)
More information about the El-errata
mailing list