---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-269
2005-03-29
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : krb5
Version     : 1.3.6
Release     : 4
Summary     : The Kerberos network authentication system.
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.

---------------------------------------------------------------------
Update Information:

Updated krb5 packages which fix two buffer overflow vulnerabilities
in the included Kerberos-aware telnet client are now available.

Kerberos is a networked authentication system which uses a trusted
third party (a KDC) to authenticate clients and servers to each
other.

The krb5-workstation package includes a Kerberos-aware telnet client.
Two buffer overflow flaws were discovered in the way the telnet
client handles messages from a server. An attacker may be able to
execute arbitrary code on a victim's machine if the victim can be
tricked into connecting to a malicious telnet server. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the names CAN-2005-0468 and CAN-2005-0469 to these issues.
---------------------------------------------------------------------
* Wed Mar 23 2005 Nalin Dahyabhai  1.3.6-4

- drop krshd patch

* Thu Mar 17 2005 Nalin Dahyabhai 

- add draft fix from Tom Yu for slc_add_reply() buffer overflow (CAN-2005-0469)
- add draft fix from Tom Yu for env_opt_add() buffer overflow (CAN-2005-0468)
---------------------------------------------------------------------
This update can be downloaded from:
  
3c210dbdcfb5f01a35f52632abbd3e58  SRPMS/krb5-1.3.6-4.src.rpm
2b4e4f7ffe208989572b173efa18c4b4  x86_64/krb5-devel-1.3.6-4.x86_64.rpm
67a3ffb77c8f92b235d503380ff54b32  x86_64/krb5-libs-1.3.6-4.x86_64.rpm
5d8e752002f27ca2ea7c8f40a6247b37  x86_64/krb5-server-1.3.6-4.x86_64.rpm
b01504865b91a46e9f6dab345a939bf6  x86_64/krb5-workstation-1.3.6-4.x86_64.rpm
72def6a5e69a30e63ab071f581ad1729  x86_64/debug/krb5-debuginfo-1.3.6-4.x86_64.rpm
891e77b16aa127543976583a0b134464  x86_64/krb5-libs-1.3.6-4.i386.rpm
e26b5c97144daa666babf9e01bc90b25  i386/krb5-devel-1.3.6-4.i386.rpm
891e77b16aa127543976583a0b134464  i386/krb5-libs-1.3.6-4.i386.rpm
16a523103910c903de48a8c2e33c6524  i386/krb5-server-1.3.6-4.i386.rpm
f36537a81b6330e72c01de759196fb35  i386/krb5-workstation-1.3.6-4.i386.rpm
123d9371167ecbe81399b256ece22399  i386/debug/krb5-debuginfo-1.3.6-4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list
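
An added check, not part of the original advisory: the script below flags krb5 packages older than the fixed build 1.3.6-4 named above, given "name version-release" lines such as rpm query output. The function names older_than and audit_krb5 are hypothetical, the sample input is constructed, and GNU sort -V is assumed to order these plain numeric version strings the same way RPM does.

```shell
#!/bin/sh
# Added example: flag krb5 packages older than the fixed build in this advisory.
FIXED="1.3.6-4"   # version-release from FEDORA-2005-269

# older_than A B: succeeds when A sorts strictly before B.
# Assumption: GNU `sort -V` ordering matches RPM's comparison for plain
# numeric version-release strings such as these.
older_than() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# audit_krb5: reads "name version-release" lines on stdin, prints one line
# per krb5 package that predates the fix, and returns 1 if any were found.
audit_krb5() {
    rc=0
    while read -r name evr; do
        case "$name" in
            krb5-workstation|krb5-libs|krb5-server|krb5-devel) ;;
            *) continue ;;   # unrelated package, ignore
        esac
        if older_than "$evr" "$FIXED"; then
            echo "VULNERABLE $name $evr (need >= $FIXED)"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample of query output (not taken from a real host).
SAMPLE='krb5-libs 1.3.6-4
krb5-workstation 1.3.3-1
openssh 3.6.1p2-34
krb5-devel 1.3.6-2'

# On a live system, feed it real data instead:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' 'krb5*' | audit_krb5
printf '%s\n' "$SAMPLE" | audit_krb5 || echo "update required"
```

The telnet client affected by CAN-2005-0468 and CAN-2005-0469 ships in krb5-workstation, so a finding on that package is the one that matters most for these two issues.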


