[El-errata] ELSA-2009-0408 Important: Enterprise Linux 5 krb5 security update
Errata Announcements for Enterprise Linux
el-errata at oss.oracle.com
Tue Apr 7 18:26:59 PDT 2009
Enterprise Linux Security Advisory ELSA-2009-0408
https://rhn.redhat.com/errata/RHSA-2009-0408.html
The following updated rpms for Enterprise Linux 5 have been uploaded to
the Unbreakable Linux Network:
i386:
krb5-devel-1.6.1-31.el5_3.3.i386.rpm
krb5-libs-1.6.1-31.el5_3.3.i386.rpm
krb5-server-1.6.1-31.el5_3.3.i386.rpm
krb5-workstation-1.6.1-31.el5_3.3.i386.rpm
x86_64:
krb5-devel-1.6.1-31.el5_3.3.i386.rpm
krb5-devel-1.6.1-31.el5_3.3.x86_64.rpm
krb5-libs-1.6.1-31.el5_3.3.i386.rpm
krb5-libs-1.6.1-31.el5_3.3.x86_64.rpm
krb5-server-1.6.1-31.el5_3.3.x86_64.rpm
krb5-workstation-1.6.1-31.el5_3.3.x86_64.rpm
SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/krb5-1.6.1-31.el5_3.3.src.rpm
Description of changes:
[1.6.1-31.el5_3.3]
- update to revised patch for CVE-2009-0844/CVE-2009-0845
[1.6.1-31.el5_3.2]
- add fix for potential buffer read overrun in the SPNEGO GSSAPI mechanism
(#490635, CVE-2009-0844)
- add fix for NULL pointer dereference when handling certain error cases
in the SPNEGO GSSAPI mechanism (#490635, CVE-2009-0845)
- add fix for attempt to free uninitialized pointer in the ASN.1 decoder
(#490635, CVE-2009-0846)
- add fix for bug in length validation in the ASN.1 decoder (CVE-2009-0847)
[1.6.1-31.el5_3.1]
- add backport of svn patch to fix a bug in how the gssapi library
handles certain error cases in gss_accept_sec_context (CVE-2009-0845,
More information about the El-errata
mailing list