SUSE Container Update Advisory: bci/dotnet-runtime
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:3079-1
Container Tags        : bci/dotnet-runtime:6.0 , bci/dotnet-runtime:6.0-21.50 , bci/dotnet-runtime:6.0.9 , bci/dotnet-runtime:6.0.9-21.50
Container Release     : 21.50
Severity              : important
Type                  : security
References            : 1198165 1205126 CVE-2022-42898
-----------------------------------------------------------------

The container bci/dotnet-runtime was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4135-1
Released:    Mon Nov 21 00:13:40 2022
Summary:     Recommended update for libeconf
Type:        recommended
Severity:    moderate
References:  1198165

This update for libeconf fixes the following issues:

- Update to version 0.4.6+git
  - econftool:
    Parsing error: Reporting file and line nr.
    --delimeters=spaces accepting all kind of spaces for delimiter.
  - libeconf:
    Parse files correctly on space characters (1198165)
- Update to version 0.4.5+git
  - econftool:
    New call 'syntax' for checking the configuration files only. Returns an error string with line number if error.
    New options '--comment' and '--delimeters'

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4153-1
Released:    Mon Nov 21 14:34:09 2022
Summary:     Security update for krb5
Type:        security
Severity:    important
References:  1205126,CVE-2022-42898

This update for krb5 fixes the following issues:

- CVE-2022-42898: Fixed integer overflow in PAC parsing (bsc#1205126).

The following package changes have been done:

- libeconf0-0.4.6+git20220427.3016f4e-150400.3.3.1 updated
- krb5-1.19.2-150400.3.3.1 updated
- container:sles15-image-15.0.0-27.14.18 updated
SUSE enhances bci/dotnet-runtime, addressing critical vulnerabilities related to integer overflow and additional concerns. Keep your systems protected. bci/dotnet-runtime, Security Update, Container Advisory. Severity: Important. LinuxSecurity.com Team
SUSE Container Update Advisory: ses/7/rook/ceph
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:317-1
Container Tags        : ses/7/rook/ceph:1.5.12 , ses/7/rook/ceph:1.5.12.4 , ses/7/rook/ceph:1.5.12.4.1.1756 , ses/7/rook/ceph:latest , ses/7/rook/ceph:sle15.2.octopus
Container Release     : 1.1756
Severity              : important
Type                  : security
References            : 1177695 1184994 1187091 1188063 1188127 1188217 1188218 1188219 1188220 1188571 1189683 CVE-2021-22922 CVE-2021-22923 CVE-2021-22924 CVE-2021-22925 CVE-2021-33910 CVE-2021-36222
-----------------------------------------------------------------

The container ses/7/rook/ceph was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2404-1
Released:    Tue Jul 20 14:21:30 2021
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1184994,1188063,CVE-2021-33910

This update for systemd fixes the following issues:

- CVE-2021-33910: Fixed a denial of service in systemd via unit_name_path_escape() (bsc#1188063)
- Skip udev rules if 'elevator=' is used (bsc#1184994)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2439-1
Released:    Wed Jul 21 13:46:48 2021
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1188217,1188218,1188219,1188220,CVE-2021-22922,CVE-2021-22923,CVE-2021-22924,CVE-2021-22925

This update for curl fixes the following issues:

- CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220)
- CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219)
- CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218)
- CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2456-1
Released:    Thu Jul 22 15:28:39 2021
Summary:     Recommended update for pam-config
Type:        recommended
Severity:    moderate
References:  1187091

This update for pam-config fixes the following issues:

- Add 'revoke' to the option list for 'pam_keyinit'.
- Fixed an issue when pam-config fails to create a new service config file. (bsc#1187091)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2573-1
Released:    Thu Jul 29 14:21:52 2021
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1188127

This update for timezone fixes the following issue:

- From systemd v249: when enumerating time zones the timedatectl tool will now consult the 'tzdata.zi' file shipped by the IANA time zone database package, in addition to 'zone1970.tab', as before. This makes sure time zone aliases are now correctly supported. This update adds the 'tzdata.zi' file (bsc#1188127).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2593-1
Released:    Mon Aug 2 15:40:22 2021
Summary:     Recommended update for suse-module-tools
Type:        recommended
Severity:    moderate
References:  1177695

This update for suse-module-tools provides the following fix:

- modprobe.d: Remove dma=none setting for parport_pc. (bsc#1177695)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2800-1
Released:    Fri Aug 20 10:43:04 2021
Summary:     Security update for krb5
Type:        security
Severity:    important
References:  1188571,CVE-2021-36222

This update for krb5 fixes the following issues:

- CVE-2021-36222: Fixed KDC null deref on bad encrypted challenge. (bsc#1188571)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3001-1
Released:    Thu Sep 9 15:08:13 2021
Summary:     Recommended update for netcfg
Type:        recommended
Severity:    moderate
References:  1189683

This update for netcfg fixes the following issues:

- add submissions port/protocol to services file for message submission over TLS protocol [bsc#1189683]

SUSE Container Security Notification for ses/7/rook/ceph delivers essential updates to enhance system integrity and performance stability. SUSE Update, Ses/7 Rook, Ceph Container, Security Advisory, Important Update. Severity: Important. LinuxSecurity.com Team
====================================================================
Red Hat Security Advisory

Synopsis:     Moderate: krb5 security update
Advisory ID:  RHSA-2011:1379-01
Product:      Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2011:1379.html
Issue date:   2011-10-18
CVE Names:    CVE-2011-1527 CVE-2011-1528 CVE-2011-1529
====================================================================

1. Summary:

Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center (KDC).

Multiple NULL pointer dereference and assertion failure flaws were found in the MIT Kerberos KDC when it was configured to use an LDAP (Lightweight Directory Access Protocol) or Berkeley Database (Berkeley DB) back end. A remote attacker could use these flaws to crash the KDC. (CVE-2011-1527, CVE-2011-1528, CVE-2011-1529)

Red Hat would like to thank the MIT Kerberos project for reporting the CVE-2011-1527 issue. Upstream acknowledges Andrej Ota as the original reporter of CVE-2011-1527.

All krb5 users should upgrade to these updated packages, which contain a backported patch to correct these issues. After installing the updated packages, the krb5kdc daemon will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (https://bugzilla.redhat.com/):

737711 - CVE-2011-1527 CVE-2011-1528 CVE-2011-1529 krb5: KDC denial of service vulnerabilities (MITKRB5-SA-2011-006)

6. Package List:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/cve/CVE-2011-1527
https://access.redhat.com/security/cve/CVE-2011-1528
https://access.redhat.com/security/cve/CVE-2011-1529
https://access.redhat.com/security/updates/classification/#moderate
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-006.txt

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
====================================================================
Red Hat Security Advisory

Synopsis:     Moderate: krb5 security update
Advisory ID:  RHSA-2011:0447-01
Product:      Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2011:0447.html
Issue date:   2011-04-14
CVE Names:    CVE-2011-0285
====================================================================

1. Summary:

Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center (KDC).

An invalid free flaw was found in the password-changing capability of the MIT Kerberos administration daemon, kadmind. A remote, unauthenticated attacker could use this flaw to cause kadmind to abort via a specially-crafted request. (CVE-2011-0285)

All krb5 users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the kadmind daemon will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (https://bugzilla.redhat.com/):

696334 - CVE-2011-0285 krb5: kadmind invalid pointer free() (MITKRB5-SA-004)

6. Package List:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://access.redhat.com/security/cve/CVE-2011-0285
https://access.redhat.com/security/updates/classification#moderate
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-004.txt

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2011 Red Hat, Inc.

Revamped krb5 installations accessible for Red Hat Enterprise Linux 6. Tackle moderate security vulnerabilities comprehensively with the provided solution. Krb5 Security Update, Red Hat Advisory, Enterprise Linux Fix. LinuxSecurity.com Team
---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis:     Important: krb5 security update
Advisory ID:  RHSA-2007:0892-01
Advisory URL: https://access.redhat.com/errata/RHSA-2007:0892.html
Issue date:   2007-09-07
Updated on:   2007-09-07
Product:      Red Hat Enterprise Linux
CVE Names:    CVE-2007-4743
---------------------------------------------------------------------

1. Summary:

Updated krb5 packages that correct a security flaw are now available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. kadmind is the KADM5 administration server.

The MIT Kerberos Team discovered a problem with the originally published patch for svc_auth_gss.c (CVE-2007-3999). A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash. On Red Hat Enterprise Linux 5 it is not possible to exploit this flaw to run arbitrary code as the overflow is blocked by FORTIFY_SOURCE. (CVE-2007-4743)

This issue did not affect the versions of Kerberos distributed with Red Hat Enterprise Linux 2.1, 3, or 4.

Users of krb5-server are advised to update to these erratum packages which contain a corrected backported fix for this issue.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

281561 - CVE-2007-4743 krb5 incomplete fix for CVE-2007-3999

6. RPMs required:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2007-4743
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2007 Red Hat, Inc.

Critical krb5 security patch notice for Red Hat Enterprise Linux, addressing potential remote exploitation vulnerabilities. Red Hat Enterprise Linux, krb5 exploit, security update, authentication risk. Severity: Important. LinuxSecurity.com Team