[El-errata] ELSA-2009-0410 Critical: Enterprise Linux 3 krb5 security update

Errata Announcements for Enterprise Linux el-errata at oss.oracle.com
Tue Apr 7 18:27:32 PDT 2009


Enterprise Linux Security Advisory ELSA-2009-0410

https://rhn.redhat.com/errata/RHSA-2009-0410.html

The following updated rpms for Enterprise Linux 3 have been uploaded to 
the Unbreakable Linux Network:

i386:
krb5-devel-1.2.7-70.i386.rpm
krb5-libs-1.2.7-70.i386.rpm
krb5-server-1.2.7-70.i386.rpm
krb5-workstation-1.2.7-70.i386.rpm

x86_64:
krb5-devel-1.2.7-70.x86_64.rpm
krb5-libs-1.2.7-70.i386.rpm
krb5-libs-1.2.7-70.x86_64.rpm
krb5-server-1.2.7-70.x86_64.rpm
krb5-workstation-1.2.7-70.x86_64.rpm

SRPMS:
http://oss.oracle.com/el3/SRPMS-updates/krb5-1.2.7-70.src.rpm

Description of changes:

[1.2.7-70]
- override $(SHLIB_EXPFLAGS) at build-time to ensure that shared libraries
  don't include an RPATH (internal tools)

[1.2.7-69]
- add backported fix for attempt to free uninitialized pointer in the ASN.1
  decoder (#491834, CVE-2009-0846)
- add backported fix for bug in length validation in the ASN.1 decoder
  (CVE-2009-0847)





More information about the El-errata mailing list