
Fedora 41: krb5 2024-c0961d31b8 Security Advisory Updates

fedora
November 2, 2024
Updates for the krb5 package in Fedora 41 include a critical BlastRADIUS security fix and PKINIT changes.

Summary

Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form.

Update Information:

Security:
- CVE-2024-3596: Fix for BlastRADIUS vulnerability in libkrad (support for Message-Authenticator attribute)
- Marvin attack: Removal of the "RSA" method for PKINIT
- Fix of miscellaneous mistakes in the code

Enhancement:
- Rework of TCP request timeout (disabled by default, global timeout setting added)

Change Log

* Wed Oct 30 2024 Julien Rische - 1.21.3-3
- libkrad: implement support for Message-Authenticator (CVE-2024-3596)
  Resolves: rhbz#2304071
- Fix various issues detected by static analysis
  Resolves: rhbz#2322704
- Remove RSA protocol for PKINIT
  Resolves: rhbz#2322706
- Make TCP waiting time configurable
  Resolves: rhbz#2322711

References


[1] Bug #2304071 - libkrad: implement support for Message-Authenticator (CVE-2024-3596)
    https://bugzilla.redhat.com/show_bug.cgi?id=2304071
[2] Bug #2322704 - Fix various issues detected by static analysis
    https://bugzilla.redhat.com/show_bug.cgi?id=2322704
[3] Bug #2322706 - Remove RSA protocol for PKINIT
    https://bugzilla.redhat.com/show_bug.cgi?id=2322706
[4] Bug #2322711 - Make TCP waiting time configurable
    https://bugzilla.redhat.com/show_bug.cgi?id=2322711

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-c0961d31b8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important

Name: krb5
Product: Fedora 41
Version: 1.21.3
Release: 3.fc41
Summary: The Kerberos network authentication system
