Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora Core 6: 2007-621 Moderate: krb5 Buffer Overflow and RPC Fix

fedora
Calendar Grey June 29, 2007
Dist Fedora Esm H88
The recent krb5 patch in Fedora tackles serious security flaws involving stack buffer overflows and heap corruption within the RPC services and the kadmind component.
This update incorporates fixes for a stack buffer overflow and heap corruption in the RPC library, and a fix for a potential stack buffer overflow in kadmind.

Summary

Kerberos V5 is a trusted-third-party network authentication system,

which can improve your network's security by eliminating the insecure

practice of cleartext passwords.

This update incorporates fixes for a stack buffer overflow

and heap corruption in the RPC library, and a fix for a

potential stack buffer overflow in kadmind.

- incorporate fixes for MITKRB5-SA-2007-004 (CVE-2007-2442,CVE-2007-2443)

and MITKRB5-SA-2007-005 (CVE-2007-2798)

e2a843a2baea968130a4b9ff87d0f81995815c17 SRPMS/krb5-1.5-21.1.src.rpm

e2a843a2baea968130a4b9ff87d0f81995815c17 noarch/krb5-1.5-21.1.src.rpm

708c11e9914d333cec25e1e6178386749c16c874 ppc/krb5-server-1.5-21.1.ppc.rpm

534e63b60e95c9e52f107c3e44c989d7a9fa9e90 ppc/krb5-devel-1.5-21.1.ppc.rpm

9bd146132cc34c778a0baa7dbbe1b61961f9775d ppc/krb5-workstation-1.5-21.1.ppc.rpm

4dbefb940fe3ae3598dcd5a0efd4e7b0b2ca1b31 ppc/krb5-libs-1.5-21.1.ppc.rpm

3bf9d87e352cb4f80dbe89c1299321971c3f226c ppc/debug/krb5-debuginfo-1.5-21.1.ppc.rpm

dd12057d1161022ec07fb5905803499c2bbf933d x86_64/krb5-server-1.5-21.1.x86_64.rpm

7603f031b79a4689a2a335c2305c4bf3105cd1c3 x86_64/krb5-devel-1.5-21.1.x86_64.rpm

3c49b537d6881599e249494a4004dd780d9c6b45 x86_64/krb5-workstation-1.5-21.1.x86_64.rpm

f40b1a204d26765a28e887854c8d603e10bc09e4 x86_64/debug/krb5-debuginfo-1.5-21.1.x86_64.rpm

20b0d93025690fc3f515f220f8f0caf646ff7576 x86_64/krb5-libs-1.5-21.1.x86_64.rpm

1b3c0a6fec38a1e165da4a506c68f6585f8f9b8a i386/krb5-workstation-1.5-21.1.i386.rpm

872bb01b8e2cafc5478bf912ff9f5e46d58db1cc i386/debug/krb5-debuginfo-1.5-21.1.i386.rpm

8d167e573d2dc1d2f4f069bccab31a3baaa304b6 i386/krb5-libs-1.5-21.1.i386.rpm

b297c915d9816ba0910125d7edba63a5352885fe i386/krb5-devel-1.5-21.1.i386.rpm

73e1a22a6a698126a337e6a8722f1509fd861d1b i386/krb5-server-1.5-21.1.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory moderate buffer overflow Fedora Kerberos RPC library kadmind

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Name: krb5
Version: 1.5
Release: 21.1
Summary: The Kerberos network authentication system.

Topics%20covered

Topics Covered

security advisory moderate buffer overflow Fedora Kerberos RPC library kadmind

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here