Fedora 27: Heimdal Security Advisory CVE-2017-17439 Critical Threat

Kerberos 5 is a network authentication and single sign-on system.

Heimdal is a free Kerberos 5 implementation without export restrictions

written from the spec (rfc1510 and successors) including advanced features

like thread safety, IPv6, master-slave replication of Kerberos Key

Distribution Center server and support for ticket delegation (S4U2Self,

S4U2Proxy).

This package can coexist with MIT Kerberos 5 packages. Hesiod is disabled

by default since it is deemed too big a security risk by the packager.

Update to 7.5.0 GA release (CVE-2017-17439)

[ 1 ] Bug #1524546 - CVE-2017-17439 heimdal: NULL pointer dereference via crafted UDP packets

https://bugzilla.redhat.com/show_bug.cgi?id=1524546

su -c 'dnf upgrade heimdal' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org