Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Red Hat: RHSA-2007:0795-01 Moderate: cyrus-sasl DoS Attack Fix

red hat
Calendar Grey September 4, 2007
Dist Redhat Esm H88
Significant security enhancement for cyrus-sasl tackling urgent authentication vulnerabilities and Denial of Service threats on Red Hat platforms.
An updated cyrus-sasl package that addresses a security issue and fixes various other bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having m...

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

157012 - [RFE] cyrus-sasl should use /dev/urandom by default 189814 - CVE-2006-1721 cyrus-sasl digest-md5 DoS 190113 - Missing build dependancy for zlib-devel in cyrus-sasl 243910 - krb5-libs are not thread-safe 244075 - Memory leaks in digest-md5 plugin 250732 - sasl-sample-server crash

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS: 4949e987f4a486518ed80c970bba211d cyrus-sasl-2.1.19-14.src.rpm

i386: 66d682b4378d802cbdc74072fa44ed13 cyrus-sasl-2.1.19-14.i386.rpm b9eadb0e55f8058e77db49831d65040e cyrus-sasl-debuginfo-2.1.19-14.i386.rpm 7068dd09926d9ddc3b4307d19ee79082 cyrus-sasl-devel-2.1.19-14.i386.rpm 3445d5bccd9b1f6807b7cf6b29a0ee66 cyrus-sasl-gssapi-2.1.19-14.i386.rpm b13267475db6aa2e1d03ebfa463d087d cyrus-sasl-md5-2.1.19-14.i386.rpm 5059e06456e3476737421ff14bb55662 cyrus-sasl-ntlm-2.1.19-14.i386.rpm eee8ea34647b182e97ea7d057d2d722d cyrus-sasl-plain-2.1.19-14.i386.rpm 766d4b0a23cedbb8c3e053fa29414b07 cyrus-sasl-sql-2.1.19-14.i386.rpm

ia64: 66d682b4378d802cbdc74072fa44ed13 cyrus-sasl-2.1.19-14.i386.rpm d61ba4984d550098f90c81ebed27a84a cyrus-sasl-2.1.19-14.ia64.rpm b9eadb0e55f8058e77db49831d65040e cyrus-sasl-debuginfo-2.1.19-14.i386.rpm 4f47f79d4ec909f4508f045ff8c0ff3a cyrus-sasl-debuginfo-2.1.19-14.ia64.rpm 5a6e3fbb46fa1c46439f3f645e3a18c0 cyrus-sasl-devel-2.1.19-14.ia64.rpm 3445d5bccd9b1f6807b7cf6b29a0ee66 cyrus-sasl-gssapi-2.1.19-14.i386.rpm f791bbff376bf7b9e347f1528b9326be cyrus-sasl-gssapi-2.1.19-14.ia64.rpm b13267475db6aa2e1d03ebfa463d087d cyrus-sasl-md5-2.1.19-14.i386.rpm 9b54fa31b202d2436455fbb9a09423ea cyrus-sasl-md5-2.1.19-14.ia64.rpm 5059e06456e3476737421ff14bb55662 cyrus-sasl-ntlm-2.1.19-14.i386.rpm 2e2d77ba2b34d1370209188b4cfc003c cyrus-sasl-ntlm-2.1.19-14.ia64.rpm eee8ea34647b182e97ea7d057d2d722d cyrus-sasl-plain-2.1.19-14.i386.rpm ca0d49a8813a480782107fc2df5fd30a cyrus-sasl-plain-2.1.19-14.ia64.rpm 766d4b0a23cedbb8c3e053fa29414b07 cyrus-sasl-sql-2.1.19-14.i386.rpm f384677d9fd1c9474d75fc7fad3f725a cyrus-sasl-sql-2.1.19-14.ia64.rpm

ppc: 1bee1308d0f7df5f3def8aa5552e5f59 cyrus-sasl-2.1.19-14.ppc.rpm 37f022c461682f2f856f73aadb8d1093 cyrus-sasl-2.1.19-14.ppc64.rpm a1fef82dc392efa7f03f5c1bd65af5ea cyrus-sasl-debuginfo-2.1.19-14.ppc.rpm 42434fd0d90cfa3b1f3e86bc9ca60850 cyrus-sasl-debuginfo-2.1.19-14.ppc64.rpm dd4402566019a237d8b921409a28f501 cyrus-sasl-devel-2.1.19-14.ppc.rpm 6a2c9da727c0a488345cf24f8a86c6c0 cyrus-sasl-gssapi-2.1.19-14.ppc.rpm bd4c5c43c185b954f5b41df65d557198 cyrus-sasl-gssapi-2.1.19-14.ppc64.rpm 6a13d09d38cf4d851af050795216481f cyrus-sasl-md5-2.1.19-14.ppc.rpm d4877c245e9bef3d88f3e45ce38332c6 cyrus-sasl-md5-2.1.19-14.ppc64.rpm ab2d30cffd6fd4e96926a6fcf53e4573 cyrus-sasl-ntlm-2.1.19-14.ppc.rpm e47fc3eae285aa44382096f97065b628 cyrus-sasl-ntlm-2.1.19-14.ppc64.rpm df264d66db2dacac26d24240c3362b49 cyrus-sasl-plain-2.1.19-14.ppc.rpm 480a450422f946db4cc0925d466ef57f cyrus-sasl-plain-2.1.19-14.ppc64.rpm 1cac99f90c274ec28bd145abd7f9d9ba cyrus-sasl-sql-2.1.19-14.ppc.rpm d55ea315de0d77d9e194ab63e2ecfb48 cyrus-sasl-sql-2.1.19-14.ppc64.rpm

s390: 15533cdce06a7c5a1079a08a097a9a1c cyrus-sasl-2.1.19-14.s390.rpm 70d4068375e7e993265522f46f69890f cyrus-sasl-debuginfo-2.1.19-14.s390.rpm 2bc24a9f498c860047bc2f4f8daf79fc cyrus-sasl-devel-2.1.19-14.s390.rpm 38587346f7d8d8acfbabff1bb05f4c9f cyrus-sasl-gssapi-2.1.19-14.s390.rpm ee9069c61094193bda649718d8c77b28 cyrus-sasl-md5-2.1.19-14.s390.rpm 3ea060f95afd5cbce9ab882f27c57741 cyrus-sasl-ntlm-2.1.19-14.s390.rpm 05f3e1384bec859a0126206f3e6b13b4 cyrus-sasl-plain-2.1.19-14.s390.rpm d1e711f5718ea68c87d99c0ffd3c0bec cyrus-sasl-sql-2.1.19-14.s390.rpm

s390x: 15533cdce06a7c5a1079a08a097a9a1c cyrus-sasl-2.1.19-14.s390.rpm 7db2a7b22a1e411ddfea522cc5d8c2ec cyrus-sasl-2.1.19-14.s390x.rpm 70d4068375e7e993265522f46f69890f cyrus-sasl-debuginfo-2.1.19-14.s390.rpm 09b71a85d1bee1ac32410e0ad2329f33 cyrus-sasl-debuginfo-2.1.19-14.s390x.rpm a9adead19ee9b315a850c2fa4f81f45f cyrus-sasl-devel-2.1.19-14.s390x.rpm 38587346f7d8d8acfbabff1bb05f4c9f cyrus-sasl-gssapi-2.1.19-14.s390.rpm 682070a715195d47eb7254fc336c4aed cyrus-sasl-gssapi-2.1.19-14.s390x.rpm ee9069c61094193bda649718d8c77b28 cyrus-sasl-md5-2.1.19-14.s390.rpm e1138dad2af8a9ac592a86660c7570de cyrus-sasl-md5-2.1.19-14.s390x.rpm 3ea060f95afd5cbce9ab882f27c57741 cyrus-sasl-ntlm-2.1.19-14.s390.rpm 331cc569dbed048896125cbd9b658afe cyrus-sasl-ntlm-2.1.19-14.s390x.rpm 05f3e1384bec859a0126206f3e6b13b4 cyrus-sasl-plain-2.1.19-14.s390.rpm 6a6025226b1261491d91f64094d2bd2e cyrus-sasl-plain-2.1.19-14.s390x.rpm d1e711f5718ea68c87d99c0ffd3c0bec cyrus-sasl-sql-2.1.19-14.s390.rpm 60e5ad162702acb8ed6a13dc601d1260 cyrus-sasl-sql-2.1.19-14.s390x.rpm

x86_64: 66d682b4378d802cbdc74072fa44ed13 cyrus-sasl-2.1.19-14.i386.rpm d1e5005820c522f8f847de220e85119e cyrus-sasl-2.1.19-14.x86_64.rpm b9eadb0e55f8058e77db49831d65040e cyrus-sasl-debuginfo-2.1.19-14.i386.rpm 6deb1667f7ed365c1618742aa3494736 cyrus-sasl-debuginfo-2.1.19-14.x86_64.rpm 7a363042e12b94b32e74b9edf820e2cb cyrus-sasl-devel-2.1.19-14.x86_64.rpm 3445d5bccd9b1f6807b7cf6b29a0ee66 cyrus-sasl-gssapi-2.1.19-14.i386.rpm 485846dfccf7ff8382b9285ce4c22802 cyrus-sasl-gssapi-2.1.19-14.x86_64.rpm b13267475db6aa2e1d03ebfa463d087d cyrus-sasl-md5-2.1.19-14.i386.rpm 74f41d53a2ba7a2d825eca4e68c5826a cyrus-sasl-md5-2.1.19-14.x86_64.rpm 5059e06456e3476737421ff14bb55662 cyrus-sasl-ntlm-2.1.19-14.i386.rpm 21fffca415363bf3205a1acad5d7a707 cyrus-sasl-ntlm-2.1.19-14.x86_64.rpm eee8ea34647b182e97ea7d057d2d722d cyrus-sasl-plain-2.1.19-14.i386.rpm c13b35aa40480e1615c1388c2cd42934 cyrus-sasl-plain-2.1.19-14.x86_64.rpm 766d4b0a23cedbb8c3e053fa29414b07 cyrus-sasl-sql-2.1.19-14.i386.rpm b2969d17575d799403a0a5afe586a4d3 cyrus-sasl-sql-2.1.19-14.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS: 4949e987f4a486518ed80c970bba211d cyrus-sasl-2.1.19-14.src.rpm

i386: 66d682b4378d802cbdc74072fa44ed13 cyrus-sasl-2.1.19-14.i386.rpm b9eadb0e55f8058e77db49831d65040e cyrus-sasl-debuginfo-2.1.19-14.i386.rpm 7068dd09926d9ddc3b4307d19ee79082 cyrus-sasl-devel-2.1.19-14.i386.rpm 3445d5bccd9b1f6807b7cf6b29a0ee66 cyrus-sasl-gssapi-2.1.19-14.i386.rpm b13267475db6aa2e1d03ebfa463d087d cyrus-sasl-md5-2.1.19-14.i386.rpm 5059e06456e3476737421ff14bb55662 cyrus-sasl-ntlm-2.1.19-14.i386.rpm eee8ea34647b182e97ea7d057d2d722d cyrus-sasl-plain-2.1.19-14.i386.rpm 766d4b0a23cedbb8c3e053fa29414b07 cyrus-sasl-sql-2.1.19-14.i386.rpm

x86_64: 66d682b4378d802cbdc74072fa44ed13 cyrus-sasl-2.1.19-14.i386.rpm d1e5005820c522f8f847de220e85119e cyrus-sasl-2.1.19-14.x86_64.rpm b9eadb0e55f8058e77db49831d65040e cyrus-sasl-debuginfo-2.1.19-14.i386.rpm 6deb1667f7ed365c1618742aa3494736 cyrus-sasl-debuginfo-2.1.19-14.x86_64.rpm 7a363042e12b94b32e74b9edf820e2cb cyrus-sasl-devel-2.1.19-14.x86_64.rpm 3445d5bccd9b1f6807b7cf6b29a0ee66 cyrus-sasl-gssapi-2.1.19-14.i386.rpm 485846dfccf7ff8382b9285ce4c22802 cyrus-sasl-gssapi-2.1.19-14.x86_64.rpm b13267475db6aa2e1d03ebfa463d087d cyrus-sasl-md5-2.1.19-14.i386.rpm 74f41d53a2ba7a2d825eca4e68c5826a cyrus-sasl-md5-2.1.19-14.x86_64.rpm 5059e06456e3476737421ff14bb55662 cyrus-sasl-ntlm-2.1.19-14.i386.rpm 21fffca415363bf3205a1acad5d7a707 cyrus-sasl-ntlm-2.1.19-14.x86_64.rpm eee8ea34647b182e97ea7d057d2d722d cyrus-sasl-plain-2.1.19-14.i386.rpm c13b35aa40480e1615c1388c2cd42934 cyrus-sasl-plain-2.1.19-14.x86_64.rpm 766d4b0a23cedbb8c3e053fa29414b07 cyrus-sasl-sql-2.1.19-14.i386.rpm b2969d17575d799403a0a5afe586a4d3 cyrus-sasl-sql-2.1.19-14.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS: 4949e987f4a486518ed80c970bba211d cyrus-sasl-2.1.19-14.src.rpm

i386: 66d682b4378d802cbdc74072fa44ed13 cyrus-sasl-2.1.19-14.i386.rpm b9eadb0e55f8058e77db49831d65040e cyrus-sasl-debuginfo-2.1.19-14.i386.rpm 7068dd09926d9ddc3b4307d19ee79082 cyrus-sasl-devel-2.1.19-14.i386.rpm 3445d5bccd9b1f6807b7cf6b29a0ee66 cyrus-sasl-gssapi-2.1.19-14.i386.rpm b13267475db6aa2e1d03ebfa463d087d cyrus-sasl-md5-2.1.19-14.i386.rpm 5059e06456e3476737421ff14bb55662 cyrus-sasl-ntlm-2.1.19-14.i386.rpm eee8ea34647b182e97ea7d057d2d722d cyrus-sasl-plain-2.1.19-14.i386.rpm 766d4b0a23cedbb8c3e053fa29414b07 cyrus-sasl-sql-2.1.19-14.i386.rpm

ia64: 66d682b4378d802cbdc74072fa44ed13 cyrus-sasl-2.1.19-14.i386.rpm d61ba4984d550098f90c81ebed27a84a cyrus-sasl-2.1.19-14.ia64.rpm b9eadb0e55f8058e77db49831d65040e cyrus-sasl-debuginfo-2.1.19-14.i386.rpm 4f47f79d4ec909f4508f045ff8c0ff3a cyrus-sasl-debuginfo-2.1.19-14.ia64.rpm 5a6e3fbb46fa1c46439f3f645e3a18c0 cyrus-sasl-devel-2.1.19-14.ia64.rpm 3445d5bccd9b1f6807b7cf6b29a0ee66 cyrus-sasl-gssapi-2.1.19-14.i386.rpm f791bbff376bf7b9e347f1528b9326be cyrus-sasl-gssapi-2.1.19-14.ia64.rpm b13267475db6aa2e1d03ebfa463d087d cyrus-sasl-md5-2.1.19-14.i386.rpm 9b54fa31b202d2436455fbb9a09423ea cyrus-sasl-md5-2.1.19-14.ia64.rpm 5059e06456e3476737421ff14bb55662 cyrus-sasl-ntlm-2.1.19-14.i386.rpm 2e2d77ba2b34d1370209188b4cfc003c cyrus-sasl-ntlm-2.1.19-14.ia64.rpm eee8ea34647b182e97ea7d057d2d722d cyrus-sasl-plain-2.1.19-14.i386.rpm ca0d49a8813a480782107fc2df5fd30a cyrus-sasl-plain-2.1.19-14.ia64.rpm 766d4b0a23cedbb8c3e053fa29414b07 cyrus-sasl-sql-2.1.19-14.i386.rpm f384677d9fd1c9474d75fc7fad3f725a cyrus-sasl-sql-2.1.19-14.ia64.rpm

x86_64: 66d682b4378d802cbdc74072fa44ed13 cyrus-sasl-2.1.19-14.i386.rpm d1e5005820c522f8f847de220e85119e cyrus-sasl-2.1.19-14.x86_64.rpm b9eadb0e55f8058e77db49831d65040e cyrus-sasl-debuginfo-2.1.19-14.i386.rpm 6deb1667f7ed365c1618742aa3494736 cyrus-sasl-debuginfo-2.1.19-14.x86_64.rpm 7a363042e12b94b32e74b9edf820e2cb cyrus-sasl-devel-2.1.19-14.x86_64.rpm 3445d5bccd9b1f6807b7cf6b29a0ee66 cyrus-sasl-gssapi-2.1.19-14.i386.rpm 485846dfccf7ff8382b9285ce4c22802 cyrus-sasl-gssapi-2.1.19-14.x86_64.rpm b13267475db6aa2e1d03ebfa463d087d cyrus-sasl-md5-2.1.19-14.i386.rpm 74f41d53a2ba7a2d825eca4e68c5826a cyrus-sasl-md5-2.1.19-14.x86_64.rpm 5059e06456e3476737421ff14bb55662 cyrus-sasl-ntlm-2.1.19-14.i386.rpm 21fffca415363bf3205a1acad5d7a707 cyrus-sasl-ntlm-2.1.19-14.x86_64.rpm eee8ea34647b182e97ea7d057d2d722d cyrus-sasl-plain-2.1.19-14.i386.rpm c13b35aa40480e1615c1388c2cd42934 cyrus-sasl-plain-2.1.19-14.x86_64.rpm 766d4b0a23cedbb8c3e053fa29414b07 cyrus-sasl-sql-2.1.19-14.i386.rpm b2969d17575d799403a0a5afe586a4d3 cyrus-sasl-sql-2.1.19-14.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS: 4949e987f4a486518ed80c970bba211d cyrus-sasl-2.1.19-14.src.rpm

i386: 66d682b4378d802cbdc74072fa44ed13 cyrus-sasl-2.1.19-14.i386.rpm b9eadb0e55f8058e77db49831d65040e cyrus-sasl-debuginfo-2.1.19-14.i386.rpm 7068dd09926d9ddc3b4307d19ee79082 cyrus-sasl-devel-2.1.19-14.i386.rpm 3445d5bccd9b1f6807b7cf6b29a0ee66 cyrus-sasl-gssapi-2.1.19-14.i386.rpm b13267475db6aa2e1d03ebfa463d087d cyrus-sasl-md5-2.1.19-14.i386.rpm 5059e06456e3476737421ff14bb55662 cyrus-sasl-ntlm-2.1.19-14.i386.rpm eee8ea34647b182e97ea7d057d2d722d cyrus-sasl-plain-2.1.19-14.i386.rpm 766d4b0a23cedbb8c3e053fa29414b07 cyrus-sasl-sql-2.1.19-14.i386.rpm

ia64: 66d682b4378d802cbdc74072fa44ed13 cyrus-sasl-2.1.19-14.i386.rpm d61ba4984d550098f90c81ebed27a84a cyrus-sasl-2.1.19-14.ia64.rpm b9eadb0e55f8058e77db49831d65040e cyrus-sasl-debuginfo-2.1.19-14.i386.rpm 4f47f79d4ec909f4508f045ff8c0ff3a cyrus-sasl-debuginfo-2.1.19-14.ia64.rpm 5a6e3fbb46fa1c46439f3f645e3a18c0 cyrus-sasl-devel-2.1.19-14.ia64.rpm 3445d5bccd9b1f6807b7cf6b29a0ee66 cyrus-sasl-gssapi-2.1.19-14.i386.rpm f791bbff376bf7b9e347f1528b9326be cyrus-sasl-gssapi-2.1.19-14.ia64.rpm b13267475db6aa2e1d03ebfa463d087d cyrus-sasl-md5-2.1.19-14.i386.rpm 9b54fa31b202d2436455fbb9a09423ea cyrus-sasl-md5-2.1.19-14.ia64.rpm 5059e06456e3476737421ff14bb55662 cyrus-sasl-ntlm-2.1.19-14.i386.rpm 2e2d77ba2b34d1370209188b4cfc003c cyrus-sasl-ntlm-2.1.19-14.ia64.rpm eee8ea34647b182e97ea7d057d2d722d cyrus-sasl-plain-2.1.19-14.i386.rpm ca0d49a8813a480782107fc2df5fd30a cyrus-sasl-plain-2.1.19-14.ia64.rpm 766d4b0a23cedbb8c3e053fa29414b07 cyrus-sasl-sql-2.1.19-14.i386.rpm f384677d9fd1c9474d75fc7fad3f725a cyrus-sasl-sql-2.1.19-14.ia64.rpm

x86_64: 66d682b4378d802cbdc74072fa44ed13 cyrus-sasl-2.1.19-14.i386.rpm d1e5005820c522f8f847de220e85119e cyrus-sasl-2.1.19-14.x86_64.rpm b9eadb0e55f8058e77db49831d65040e cyrus-sasl-debuginfo-2.1.19-14.i386.rpm 6deb1667f7ed365c1618742aa3494736 cyrus-sasl-debuginfo-2.1.19-14.x86_64.rpm 7a363042e12b94b32e74b9edf820e2cb cyrus-sasl-devel-2.1.19-14.x86_64.rpm 3445d5bccd9b1f6807b7cf6b29a0ee66 cyrus-sasl-gssapi-2.1.19-14.i386.rpm 485846dfccf7ff8382b9285ce4c22802 cyrus-sasl-gssapi-2.1.19-14.x86_64.rpm b13267475db6aa2e1d03ebfa463d087d cyrus-sasl-md5-2.1.19-14.i386.rpm 74f41d53a2ba7a2d825eca4e68c5826a cyrus-sasl-md5-2.1.19-14.x86_64.rpm 5059e06456e3476737421ff14bb55662 cyrus-sasl-ntlm-2.1.19-14.i386.rpm 21fffca415363bf3205a1acad5d7a707 cyrus-sasl-ntlm-2.1.19-14.x86_64.rpm eee8ea34647b182e97ea7d057d2d722d cyrus-sasl-plain-2.1.19-14.i386.rpm c13b35aa40480e1615c1388c2cd42934 cyrus-sasl-plain-2.1.19-14.x86_64.rpm 766d4b0a23cedbb8c3e053fa29414b07 cyrus-sasl-sql-2.1.19-14.i386.rpm b2969d17575d799403a0a5afe586a4d3 cyrus-sasl-sql-2.1.19-14.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

References

https://www.cve.org/CVERecord?id=CVE-2006-1721 https://access.redhat.com/security/updates/classification#moderate

Package List


Advisory ID: RHSA-2007:0795-01
Issue date: 2007-09-04
Updated on: 2007-09-04
Product: Red Hat Enterprise Linux

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here