- ---------------------------------------------------------------------                   Red Hat Security Advisory

Synopsis:          Updated krb5 packages fix security vulnerabilities
Advisory ID:       RHSA-2005:012-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2005:012.html
Issue date:        2005-01-19
Updated on:        2005-01-19
Product:           Red Hat Enterprise Linux
CVE Names:         CAN-2004-0971 CAN-2004-1189
- ---------------------------------------------------------------------1. Summary:

Updated Kerberos (krb5) packages that correct buffer overflow and temporary
file bugs are now available for Red Hat Enterprise Linux.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Kerberos is a networked authentication system that uses a trusted third
party (a KDC) to authenticate clients and servers to each other.

A heap based buffer overflow bug was found in the administration library of
Kerberos 1.3.5 and earlier.  This bug could allow an authenticated remote
attacker to execute arbitrary commands on a realm's master Kerberos KDC. 
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-1189 to this issue.

Additionally a temporary file bug was found in the Kerberos krb5-send-pr
program.  It is possible that an attacker could create a temporary file
that would allow an arbitrary file to be overwritten which the victim has
write access to.  The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0971 to this issue.

All users of krb5 should upgrade to these updated packages, which contain
backported security patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

136304 - CAN-2004-0971 temporary file vulnerabilities in krb5-send-pr script
140066 - CAN-2004-0971 temporary file vulnerabilities in krb5-send-pr script
142902 - CAN-2004-1189 buffer overflow in krb5

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
9edeec6ee7d71eb15e92ff100dd53cf9  krb5-1.2.2-32.src.rpm

i386:
5e983e2655f19f5291a36e006d4258fe  krb5-devel-1.2.2-32.i386.rpm
3a6837c6854918d054574c845a81fe1e  krb5-libs-1.2.2-32.i386.rpm
9d6720b7a0eb84e75c66f06910b7ac13  krb5-server-1.2.2-32.i386.rpm
ea1826ed45658cdade4fa53f6692f2ac  krb5-workstation-1.2.2-32.i386.rpm

ia64:
7641b31ba2d148739cf87b4d80725f4e  krb5-devel-1.2.2-32.ia64.rpm
cf1d8835e783ff996241275049b90275  krb5-libs-1.2.2-32.ia64.rpm
95944c38c02a0985737ce92a974397e3  krb5-server-1.2.2-32.ia64.rpm
3e318a692f05c640da6b25d5134cda87  krb5-workstation-1.2.2-32.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
9edeec6ee7d71eb15e92ff100dd53cf9  krb5-1.2.2-32.src.rpm

ia64:
7641b31ba2d148739cf87b4d80725f4e  krb5-devel-1.2.2-32.ia64.rpm
cf1d8835e783ff996241275049b90275  krb5-libs-1.2.2-32.ia64.rpm
95944c38c02a0985737ce92a974397e3  krb5-server-1.2.2-32.ia64.rpm
3e318a692f05c640da6b25d5134cda87  krb5-workstation-1.2.2-32.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
9edeec6ee7d71eb15e92ff100dd53cf9  krb5-1.2.2-32.src.rpm

i386:
5e983e2655f19f5291a36e006d4258fe  krb5-devel-1.2.2-32.i386.rpm
3a6837c6854918d054574c845a81fe1e  krb5-libs-1.2.2-32.i386.rpm
9d6720b7a0eb84e75c66f06910b7ac13  krb5-server-1.2.2-32.i386.rpm
ea1826ed45658cdade4fa53f6692f2ac  krb5-workstation-1.2.2-32.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
9edeec6ee7d71eb15e92ff100dd53cf9  krb5-1.2.2-32.src.rpm

i386:
5e983e2655f19f5291a36e006d4258fe  krb5-devel-1.2.2-32.i386.rpm
3a6837c6854918d054574c845a81fe1e  krb5-libs-1.2.2-32.i386.rpm
9d6720b7a0eb84e75c66f06910b7ac13  krb5-server-1.2.2-32.i386.rpm
ea1826ed45658cdade4fa53f6692f2ac  krb5-workstation-1.2.2-32.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
a90ddb74f04b2ce4d135dd4727d26f4d  krb5-1.2.7-38.src.rpm

i386:
69131ba25cf08532d55f1f5d392f501c  krb5-devel-1.2.7-38.i386.rpm
e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
dd38fa05c17e9e986b4d1181e695b3df  krb5-server-1.2.7-38.i386.rpm
7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf  krb5-workstation-1.2.7-38.i386.rpm

ia64:
361f9ea375518c1db1e1bd8b3c63cce7  krb5-devel-1.2.7-38.ia64.rpm
a96e16502096c19b2d8b0c3eea4b77b5  krb5-libs-1.2.7-38.ia64.rpm
e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
ac2c8fe8e7d8dfc9be4fea96f7283bac  krb5-server-1.2.7-38.ia64.rpm
96303cbcd45e7fb93b93bda92047a7e9  krb5-workstation-1.2.7-38.ia64.rpm

ppc:
18807f63b63422fd8bce85ea2ba0c8e4  krb5-devel-1.2.7-38.ppc.rpm
89795f2d52b519f80a1df8fcddb0cb24  krb5-libs-1.2.7-38.ppc.rpm
0a3b6bb917d51d6a3cb19e8d2b194001  krb5-server-1.2.7-38.ppc.rpm
5917e264b07a6469e30c2ea87b6fc1fd  krb5-workstation-1.2.7-38.ppc.rpm

ppc64:
c552f8269adb38dbf21686e74085fb85  krb5-libs-1.2.7-38.ppc64.rpm

s390:
ce047097ae7b876514b9395e1b8524df  krb5-devel-1.2.7-38.s390.rpm
a070cad5f21a22f7611ae641eb4b91f5  krb5-libs-1.2.7-38.s390.rpm
1340f95c60414347b525a0b22cf72c03  krb5-server-1.2.7-38.s390.rpm
0f82ce679c7f7d6750e6bf98330cfb5b  krb5-workstation-1.2.7-38.s390.rpm

s390x:
4d90a77748aaacd818d9e3f77433618b  krb5-devel-1.2.7-38.s390x.rpm
0894dff280fc7550086b94a6737f1f45  krb5-libs-1.2.7-38.s390x.rpm
a070cad5f21a22f7611ae641eb4b91f5  krb5-libs-1.2.7-38.s390.rpm
084688d5e785317fc7e485ecc75710a8  krb5-server-1.2.7-38.s390x.rpm
128834612bbe91305293d8d77c7bde7a  krb5-workstation-1.2.7-38.s390x.rpm

x86_64:
c9439fe08d70b776d081d5877af78995  krb5-devel-1.2.7-38.x86_64.rpm
fdfbb86d17c8129232a999e5d08f2a4f  krb5-libs-1.2.7-38.x86_64.rpm
e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
fb069e8ce3c2ba661d1e4bc944b5b77d  krb5-server-1.2.7-38.x86_64.rpm
c6a81c4cc4c5f8a6afa242b616651451  krb5-workstation-1.2.7-38.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
a90ddb74f04b2ce4d135dd4727d26f4d  krb5-1.2.7-38.src.rpm

i386:
69131ba25cf08532d55f1f5d392f501c  krb5-devel-1.2.7-38.i386.rpm
e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf  krb5-workstation-1.2.7-38.i386.rpm

x86_64:
c9439fe08d70b776d081d5877af78995  krb5-devel-1.2.7-38.x86_64.rpm
fdfbb86d17c8129232a999e5d08f2a4f  krb5-libs-1.2.7-38.x86_64.rpm
e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
c6a81c4cc4c5f8a6afa242b616651451  krb5-workstation-1.2.7-38.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
a90ddb74f04b2ce4d135dd4727d26f4d  krb5-1.2.7-38.src.rpm

i386:
69131ba25cf08532d55f1f5d392f501c  krb5-devel-1.2.7-38.i386.rpm
e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
dd38fa05c17e9e986b4d1181e695b3df  krb5-server-1.2.7-38.i386.rpm
7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf  krb5-workstation-1.2.7-38.i386.rpm

ia64:
361f9ea375518c1db1e1bd8b3c63cce7  krb5-devel-1.2.7-38.ia64.rpm
a96e16502096c19b2d8b0c3eea4b77b5  krb5-libs-1.2.7-38.ia64.rpm
e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
ac2c8fe8e7d8dfc9be4fea96f7283bac  krb5-server-1.2.7-38.ia64.rpm
96303cbcd45e7fb93b93bda92047a7e9  krb5-workstation-1.2.7-38.ia64.rpm

x86_64:
c9439fe08d70b776d081d5877af78995  krb5-devel-1.2.7-38.x86_64.rpm
fdfbb86d17c8129232a999e5d08f2a4f  krb5-libs-1.2.7-38.x86_64.rpm
e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
fb069e8ce3c2ba661d1e4bc944b5b77d  krb5-server-1.2.7-38.x86_64.rpm
c6a81c4cc4c5f8a6afa242b616651451  krb5-workstation-1.2.7-38.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
a90ddb74f04b2ce4d135dd4727d26f4d  krb5-1.2.7-38.src.rpm

i386:
69131ba25cf08532d55f1f5d392f501c  krb5-devel-1.2.7-38.i386.rpm
e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf  krb5-workstation-1.2.7-38.i386.rpm

ia64:
361f9ea375518c1db1e1bd8b3c63cce7  krb5-devel-1.2.7-38.ia64.rpm
a96e16502096c19b2d8b0c3eea4b77b5  krb5-libs-1.2.7-38.ia64.rpm
e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
96303cbcd45e7fb93b93bda92047a7e9  krb5-workstation-1.2.7-38.ia64.rpm

x86_64:
c9439fe08d70b776d081d5877af78995  krb5-devel-1.2.7-38.x86_64.rpm
fdfbb86d17c8129232a999e5d08f2a4f  krb5-libs-1.2.7-38.x86_64.rpm
e450f4b4d96bd13d51cd56cec1e5e568  krb5-libs-1.2.7-38.i386.rpm
c6a81c4cc4c5f8a6afa242b616651451  krb5-workstation-1.2.7-38.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1189

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

RedHat: Updated krb5 packages fix security

Updated Kerberos (krb5) packages that correct buffer overflow and temporary file bugs are now available for Red Hat Enterprise Linux.

Summary



Summary

Kerberos is a networked authentication system that uses a trusted third party (a KDC) to authenticate clients and servers to each other. A heap based buffer overflow bug was found in the administration library of Kerberos 1.3.5 and earlier. This bug could allow an authenticated remote attacker to execute arbitrary commands on a realm's master Kerberos KDC. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1189 to this issue. Additionally a temporary file bug was found in the Kerberos krb5-send-pr program. It is possible that an attacker could create a temporary file that would allow an arbitrary file to be overwritten which the victim has write access to. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0971 to this issue. All users of krb5 should upgrade to these updated packages, which contain backported security patches to resolve these issues.


Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/):
136304 - CAN-2004-0971 temporary file vulnerabilities in krb5-send-pr script 140066 - CAN-2004-0971 temporary file vulnerabilities in krb5-send-pr script 142902 - CAN-2004-1189 buffer overflow in krb5
6. RPMs required:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS: 9edeec6ee7d71eb15e92ff100dd53cf9 krb5-1.2.2-32.src.rpm
i386: 5e983e2655f19f5291a36e006d4258fe krb5-devel-1.2.2-32.i386.rpm 3a6837c6854918d054574c845a81fe1e krb5-libs-1.2.2-32.i386.rpm 9d6720b7a0eb84e75c66f06910b7ac13 krb5-server-1.2.2-32.i386.rpm ea1826ed45658cdade4fa53f6692f2ac krb5-workstation-1.2.2-32.i386.rpm
ia64: 7641b31ba2d148739cf87b4d80725f4e krb5-devel-1.2.2-32.ia64.rpm cf1d8835e783ff996241275049b90275 krb5-libs-1.2.2-32.ia64.rpm 95944c38c02a0985737ce92a974397e3 krb5-server-1.2.2-32.ia64.rpm 3e318a692f05c640da6b25d5134cda87 krb5-workstation-1.2.2-32.ia64.rpm
Red Hat Linux Advanced Workstation 2.1:
SRPMS: 9edeec6ee7d71eb15e92ff100dd53cf9 krb5-1.2.2-32.src.rpm
ia64: 7641b31ba2d148739cf87b4d80725f4e krb5-devel-1.2.2-32.ia64.rpm cf1d8835e783ff996241275049b90275 krb5-libs-1.2.2-32.ia64.rpm 95944c38c02a0985737ce92a974397e3 krb5-server-1.2.2-32.ia64.rpm 3e318a692f05c640da6b25d5134cda87 krb5-workstation-1.2.2-32.ia64.rpm
Red Hat Enterprise Linux ES version 2.1:
SRPMS: 9edeec6ee7d71eb15e92ff100dd53cf9 krb5-1.2.2-32.src.rpm
i386: 5e983e2655f19f5291a36e006d4258fe krb5-devel-1.2.2-32.i386.rpm 3a6837c6854918d054574c845a81fe1e krb5-libs-1.2.2-32.i386.rpm 9d6720b7a0eb84e75c66f06910b7ac13 krb5-server-1.2.2-32.i386.rpm ea1826ed45658cdade4fa53f6692f2ac krb5-workstation-1.2.2-32.i386.rpm
Red Hat Enterprise Linux WS version 2.1:
SRPMS: 9edeec6ee7d71eb15e92ff100dd53cf9 krb5-1.2.2-32.src.rpm
i386: 5e983e2655f19f5291a36e006d4258fe krb5-devel-1.2.2-32.i386.rpm 3a6837c6854918d054574c845a81fe1e krb5-libs-1.2.2-32.i386.rpm 9d6720b7a0eb84e75c66f06910b7ac13 krb5-server-1.2.2-32.i386.rpm ea1826ed45658cdade4fa53f6692f2ac krb5-workstation-1.2.2-32.i386.rpm
Red Hat Enterprise Linux AS version 3:
SRPMS: a90ddb74f04b2ce4d135dd4727d26f4d krb5-1.2.7-38.src.rpm
i386: 69131ba25cf08532d55f1f5d392f501c krb5-devel-1.2.7-38.i386.rpm e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm dd38fa05c17e9e986b4d1181e695b3df krb5-server-1.2.7-38.i386.rpm 7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf krb5-workstation-1.2.7-38.i386.rpm
ia64: 361f9ea375518c1db1e1bd8b3c63cce7 krb5-devel-1.2.7-38.ia64.rpm a96e16502096c19b2d8b0c3eea4b77b5 krb5-libs-1.2.7-38.ia64.rpm e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm ac2c8fe8e7d8dfc9be4fea96f7283bac krb5-server-1.2.7-38.ia64.rpm 96303cbcd45e7fb93b93bda92047a7e9 krb5-workstation-1.2.7-38.ia64.rpm
ppc: 18807f63b63422fd8bce85ea2ba0c8e4 krb5-devel-1.2.7-38.ppc.rpm 89795f2d52b519f80a1df8fcddb0cb24 krb5-libs-1.2.7-38.ppc.rpm 0a3b6bb917d51d6a3cb19e8d2b194001 krb5-server-1.2.7-38.ppc.rpm 5917e264b07a6469e30c2ea87b6fc1fd krb5-workstation-1.2.7-38.ppc.rpm
ppc64: c552f8269adb38dbf21686e74085fb85 krb5-libs-1.2.7-38.ppc64.rpm
s390: ce047097ae7b876514b9395e1b8524df krb5-devel-1.2.7-38.s390.rpm a070cad5f21a22f7611ae641eb4b91f5 krb5-libs-1.2.7-38.s390.rpm 1340f95c60414347b525a0b22cf72c03 krb5-server-1.2.7-38.s390.rpm 0f82ce679c7f7d6750e6bf98330cfb5b krb5-workstation-1.2.7-38.s390.rpm
s390x: 4d90a77748aaacd818d9e3f77433618b krb5-devel-1.2.7-38.s390x.rpm 0894dff280fc7550086b94a6737f1f45 krb5-libs-1.2.7-38.s390x.rpm a070cad5f21a22f7611ae641eb4b91f5 krb5-libs-1.2.7-38.s390.rpm 084688d5e785317fc7e485ecc75710a8 krb5-server-1.2.7-38.s390x.rpm 128834612bbe91305293d8d77c7bde7a krb5-workstation-1.2.7-38.s390x.rpm
x86_64: c9439fe08d70b776d081d5877af78995 krb5-devel-1.2.7-38.x86_64.rpm fdfbb86d17c8129232a999e5d08f2a4f krb5-libs-1.2.7-38.x86_64.rpm e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm fb069e8ce3c2ba661d1e4bc944b5b77d krb5-server-1.2.7-38.x86_64.rpm c6a81c4cc4c5f8a6afa242b616651451 krb5-workstation-1.2.7-38.x86_64.rpm
Red Hat Desktop version 3:
SRPMS: a90ddb74f04b2ce4d135dd4727d26f4d krb5-1.2.7-38.src.rpm
i386: 69131ba25cf08532d55f1f5d392f501c krb5-devel-1.2.7-38.i386.rpm e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm 7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf krb5-workstation-1.2.7-38.i386.rpm
x86_64: c9439fe08d70b776d081d5877af78995 krb5-devel-1.2.7-38.x86_64.rpm fdfbb86d17c8129232a999e5d08f2a4f krb5-libs-1.2.7-38.x86_64.rpm e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm c6a81c4cc4c5f8a6afa242b616651451 krb5-workstation-1.2.7-38.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS: a90ddb74f04b2ce4d135dd4727d26f4d krb5-1.2.7-38.src.rpm
i386: 69131ba25cf08532d55f1f5d392f501c krb5-devel-1.2.7-38.i386.rpm e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm dd38fa05c17e9e986b4d1181e695b3df krb5-server-1.2.7-38.i386.rpm 7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf krb5-workstation-1.2.7-38.i386.rpm
ia64: 361f9ea375518c1db1e1bd8b3c63cce7 krb5-devel-1.2.7-38.ia64.rpm a96e16502096c19b2d8b0c3eea4b77b5 krb5-libs-1.2.7-38.ia64.rpm e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm ac2c8fe8e7d8dfc9be4fea96f7283bac krb5-server-1.2.7-38.ia64.rpm 96303cbcd45e7fb93b93bda92047a7e9 krb5-workstation-1.2.7-38.ia64.rpm
x86_64: c9439fe08d70b776d081d5877af78995 krb5-devel-1.2.7-38.x86_64.rpm fdfbb86d17c8129232a999e5d08f2a4f krb5-libs-1.2.7-38.x86_64.rpm e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm fb069e8ce3c2ba661d1e4bc944b5b77d krb5-server-1.2.7-38.x86_64.rpm c6a81c4cc4c5f8a6afa242b616651451 krb5-workstation-1.2.7-38.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS: a90ddb74f04b2ce4d135dd4727d26f4d krb5-1.2.7-38.src.rpm
i386: 69131ba25cf08532d55f1f5d392f501c krb5-devel-1.2.7-38.i386.rpm e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm 7c7f4cd7ebf4e9fc50e9c4f4ad9e2faf krb5-workstation-1.2.7-38.i386.rpm
ia64: 361f9ea375518c1db1e1bd8b3c63cce7 krb5-devel-1.2.7-38.ia64.rpm a96e16502096c19b2d8b0c3eea4b77b5 krb5-libs-1.2.7-38.ia64.rpm e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm 96303cbcd45e7fb93b93bda92047a7e9 krb5-workstation-1.2.7-38.ia64.rpm
x86_64: c9439fe08d70b776d081d5877af78995 krb5-devel-1.2.7-38.x86_64.rpm fdfbb86d17c8129232a999e5d08f2a4f krb5-libs-1.2.7-38.x86_64.rpm e450f4b4d96bd13d51cd56cec1e5e568 krb5-libs-1.2.7-38.i386.rpm c6a81c4cc4c5f8a6afa242b616651451 krb5-workstation-1.2.7-38.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0971 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1189

Package List


Severity
Advisory ID: RHSA-2005:012-01
Advisory URL: https://access.redhat.com/errata/RHSA-2005:012.html
Issued Date: : 2005-01-19
Updated on: 2005-01-19
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0971 CAN-2004-1189 Updated Kerberos (krb5) packages that correct buffer overflow and temporary file bugs are now available for Red Hat Enterprise Linux.

Topic


Topic


 

Relevant Releases Architectures

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64

Red Hat Linux Advanced Workstation 2.1 - ia64

Red Hat Enterprise Linux ES version 2.1 - i386

Red Hat Enterprise Linux WS version 2.1 - i386

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64

Red Hat Desktop version 3 - i386, x86_64

Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64


Bugs Fixed


Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved