[El-errata] ELSA-2018-0666 Moderate: Oracle Linux 7 krb5 security, bug fix, and enhancement update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Apr 17 10:55:33 PDT 2018
Oracle Linux Security Advisory ELSA-2018-0666
http://linux.oracle.com/errata/ELSA-2018-0666.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
krb5-devel-1.15.1-18.el7.i686.rpm
krb5-devel-1.15.1-18.el7.x86_64.rpm
krb5-libs-1.15.1-18.el7.i686.rpm
krb5-libs-1.15.1-18.el7.x86_64.rpm
krb5-pkinit-1.15.1-18.el7.x86_64.rpm
krb5-server-1.15.1-18.el7.x86_64.rpm
krb5-server-ldap-1.15.1-18.el7.x86_64.rpm
krb5-workstation-1.15.1-18.el7.x86_64.rpm
libkadm5-1.15.1-18.el7.i686.rpm
libkadm5-1.15.1-18.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/krb5-1.15.1-18.el7.src.rpm
Description of changes:
[1.15.1-18]
- Expose context errors in pkinit_server_plugin_init
- Resolves: #1460089
[1.15.1-17]
- Drop certauth test changes that prevented runnig it
- Resolves: #1498767
[1.15.1-16]
- Drop irrelevant DIR trigger logic
- Resolves: #1431198
[1.15.1-15]
- Fix CVE-2017-7562 (certauth eku bypass)
- Resolves: #1498767
[1.15.1-14]
- Fix CVE-2017-11368 (s4u2 request assertion failures)
- Resolves: #1498768
[1.15.1-13]
- Force-add /etc/krb5.conf.d so we can guarantee it exists
- Resolves: #1431198
[1.15.1-12]
- Add krb5 policy plugin interface
- Remove soname downgrade
- Resolves: #1462982
[1.15.1-11]
- Make t_certauth.py runnable
- Resolves: #1443388
[1.15.1-10]
- Add context SSF query support
- Resolves: #1472956
[1.15.1-9]
- Remove incomplete PKINIT OCSP support
- Resolves: #1460089
More information about the El-errata
mailing list