---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-270
2005-03-29
---------------------------------------------------------------------
Product     : Fedora Core 3
Name        : krb5
Version     : 1.3.6
Release     : 5
Summary     : The Kerberos network authentication system.
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.

---------------------------------------------------------------------
Update Information:

Updated krb5 packages which fix two buffer overflow vulnerabilities
in the included Kerberos-aware telnet client are now available.

Kerberos is a networked authentication system which uses a trusted
third party (a KDC) to authenticate clients and servers to each
other.

The krb5-workstation package includes a Kerberos-aware telnet client.
Two buffer overflow flaws were discovered in the way the telnet
client handles messages from a server. An attacker may be able to
execute arbitrary code on a victim's machine if the victim can be
tricked into connecting to a malicious telnet server. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the names CAN-2005-0468 and CAN-2005-0469 to these issues.
---------------------------------------------------------------------
* Mon Mar 28 2005 Nalin Dahyabhai  1.3.6-5

- rebuild

* Wed Mar 23 2005 Nalin Dahyabhai  1.3.6-4

- drop krshd patch

* Thu Mar 17 2005 Nalin Dahyabhai 

- add draft fix from Tom Yu for slc_add_reply() buffer overflow (CAN-2005-0469)
- add draft fix from Tom Yu for env_opt_add() buffer overflow (CAN-2005-0468)
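
The sketch below is an added example, not code from krb5 or from this advisory. It shows the bounds check a telnet client needs when it queues reply bytes on behalf of a server, the pattern at issue in the slc_add_reply() entry above; the struct, the function names and the 128-byte capacity are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define IAC       0xFF  /* telnet "interpret as command" byte (RFC 854) */
#define REPLY_CAP 128u  /* assumed reply-buffer size for this sketch */

struct reply_buf {
    unsigned char data[REPLY_CAP];
    size_t len;
};

/* Append one byte, doubling IAC; the caller has already checked for room. */
static void put_escaped(struct reply_buf *rb, unsigned char c)
{
    rb->data[rb->len++] = c;
    if (c == IAC)
        rb->data[rb->len++] = IAC;
}

/* Queue one three-byte reply triplet. Worst case all three bytes are IAC
 * and double to six; two more bytes stay reserved for the closing IAC SE.
 * Returns 0 on success, -1 (writing nothing) when the triplet may not fit. */
int reply_add_triplet(struct reply_buf *rb, unsigned char func,
                      unsigned char flags, unsigned char value)
{
    if (rb->len > REPLY_CAP || REPLY_CAP - rb->len < 6 + 2)
        return -1;
    put_escaped(rb, func);
    put_escaped(rb, flags);
    put_escaped(rb, value);
    return 0;
}

/* Constructed input: n replies of identical bytes; returns count accepted. */
size_t flood(size_t n, unsigned char byte, size_t *final_len)
{
    struct reply_buf rb = { {0}, 0 };
    size_t accepted = 0;
    while (accepted < n && reply_add_triplet(&rb, byte, byte, byte) == 0)
        accepted++;
    *final_len = rb.len;
    return accepted;
}

int main(void)
{
    size_t len, n = flood(1000, IAC, &len);
    printf("accepted %zu triplets, %zu of %u bytes used\n", n, len, REPLY_CAP);
    return 0;
}
```

The check is made against the worst-case escaped size before anything is written, so the number of requests a server sends cannot push the write position past the end of the buffer.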
---------------------------------------------------------------------
This update can be downloaded from:
  
15bad9c44ba4da14de7d5527a02c1a90  SRPMS/krb5-1.3.6-5.src.rpm
41314d054ab13a935cd57466a99bb03e  x86_64/krb5-devel-1.3.6-5.x86_64.rpm
c99ffb83d090d156e59a0348e8162b6e  x86_64/krb5-libs-1.3.6-5.x86_64.rpm
9ed53c214ae3b20aa8cb3a3f339b46ad  x86_64/krb5-server-1.3.6-5.x86_64.rpm
1f03b24107cb22cfca368d59fb9c40ee  x86_64/krb5-workstation-1.3.6-5.x86_64.rpm
0c354d4e12fcfe83c2cd6fbfb96abc16  x86_64/debug/krb5-debuginfo-1.3.6-5.x86_64.rpm
f07344531de5e52ff9b5a0d20bdc91be  x86_64/krb5-libs-1.3.6-5.i386.rpm
0af73edbe1464ecceaf3a30789c5d400  i386/krb5-devel-1.3.6-5.i386.rpm
f07344531de5e52ff9b5a0d20bdc91be  i386/krb5-libs-1.3.6-5.i386.rpm
d737538d9eb42347efc297930f17241c  i386/krb5-server-1.3.6-5.i386.rpm
92a3d0a3000bd0a78abcf11da80009ba  i386/krb5-workstation-1.3.6-5.i386.rpm
d8b1635e05c1b0bb6d76cb9f7a810d78  i386/debug/krb5-debuginfo-1.3.6-5.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
