Oracle Linux 8: ELSA-2024-8860 critical: krb5 race condition
oracle
November 6, 2024
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Summary
[1.18.2-30.0.1] - Fixed race condition in krb5_set_password() [Orabug: 33609767] [1.18.2-30] - libkrad: implement support for Message-Authenticator (CVE-2024-3596) Resolves: RHEL-50253 - Remove RSA protocol for PKINIT Resolves: RHEL-17616
Topics Covered
SRPMs
http://oss.oracle.com/ol8/SRPMS-updates//krb5-1.18.2-30.0.1.el8_10.src.rpm
x86_64
krb5-devel-1.18.2-30.0.1.el8_10.i686.rpm krb5-devel-1.18.2-30.0.1.el8_10.x86_64.rpm krb5-libs-1.18.2-30.0.1.el8_10.i686.rpm krb5-libs-1.18.2-30.0.1.el8_10.x86_64.rpm krb5-pkinit-1.18.2-30.0.1.el8_10.i686.rpm krb5-pkinit-1.18.2-30.0.1.el8_10.x86_64.rpm krb5-server-1.18.2-30.0.1.el8_10.i686.rpm krb5-server-1.18.2-30.0.1.el8_10.x86_64.rpm krb5-server-ldap-1.18.2-30.0.1.el8_10.i686.rpm krb5-server-ldap-1.18.2-30.0.1.el8_10.x86_64.rpm krb5-workstation-1.18.2-30.0.1.el8_10.x86_64.rpm libkadm5-1.18.2-30.0.1.el8_10.i686.rpm libkadm5-1.18.2-30.0.1.el8_10.x86_64.rpm
aarch64
krb5-devel-1.18.2-30.0.1.el8_10.aarch64.rpm krb5-libs-1.18.2-30.0.1.el8_10.aarch64.rpm krb5-pkinit-1.18.2-30.0.1.el8_10.aarch64.rpm krb5-server-1.18.2-30.0.1.el8_10.aarch64.rpm krb5-server-ldap-1.18.2-30.0.1.el8_10.aarch64.rpm krb5-workstation-1.18.2-30.0.1.el8_10.aarch64.rpm libkadm5-1.18.2-30.0.1.el8_10.aarch64.rpm
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Related CVEs: CVE-2024-3596
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!