[El-errata] ELSA-2014-1245 Moderate: Oracle Linux 5 krb5 security and bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Sep 17 10:43:14 PDT 2014

Oracle Linux Security Advisory ELSA-2014-1245

https://rhn.redhat.com/errata/RHSA-2014-1245.html

The following updated rpms for Oracle Linux 5 have been uploaded to the
Unbreakable Linux Network:

i386:
krb5-devel-1.6.1-78.el5.i386.rpm
krb5-libs-1.6.1-78.el5.i386.rpm
krb5-server-1.6.1-78.el5.i386.rpm
krb5-server-ldap-1.6.1-78.el5.i386.rpm
krb5-workstation-1.6.1-78.el5.i386.rpm

x86_64:
krb5-devel-1.6.1-78.el5.i386.rpm
krb5-devel-1.6.1-78.el5.x86_64.rpm
krb5-libs-1.6.1-78.el5.i386.rpm
krb5-libs-1.6.1-78.el5.x86_64.rpm
krb5-server-1.6.1-78.el5.x86_64.rpm
krb5-server-ldap-1.6.1-78.el5.x86_64.rpm
krb5-workstation-1.6.1-78.el5.x86_64.rpm

ia64:
krb5-devel-1.6.1-78.el5.ia64.rpm
krb5-libs-1.6.1-78.el5.i386.rpm
krb5-libs-1.6.1-78.el5.ia64.rpm
krb5-server-1.6.1-78.el5.ia64.rpm
krb5-server-ldap-1.6.1-78.el5.ia64.rpm
krb5-workstation-1.6.1-78.el5.ia64.rpm

SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/krb5-1.6.1-78.el5.src.rpm

Description of changes:

[1.6.1-78.el5]
- gssapi: pull in upstream fix for a possible NULL dereference in spnego
  (CVE-2014-4344, #1121509)

[1.6.1-77.el5]
- fix what appears to be a cosmetic error in the patch for self-tests
  for CVE-2014-4341

[1.6.1-76.el5]
- run the backported self-tests, such as they are, for CVE-2014-4341

[1.6.1-75.el5]
- pull in backported fix for denial of service by injection of malformed
  GSSAPI tokens (CVE-2014-4341, #1121509)

[1.6.1-74.el5]
- add patch based on one from Filip Krska to not call poll() with a negative
  timeout when the caller's intent is for us to just stop calling it
  (#1089732)

[1.6.1-73.el5]
- incorporate backported upstream patch for remote crash of KDCs which serve
  multiple realms simultaneously (RT#7756, CVE-2013-1418/CVE-2013-6800,

[1.6.1-72.el5]
- add part-backported fix to avoid possible use-after-free when encrypting
  delegated creds (Jatin Nansi, #1004632)