Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Fedora Core 5 Update: krb5-1.4.3-5.5 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Fedora This update incorporates fixes for a stack buffer overflow and heap corruption in the RPC library, and a fix for a potential stack buffer overflow in kadmind.
Fedora Update Notification

Product     : Fedora Core 5
Name        : krb5
Version     : 1.4.3
Release     : 5.5
Summary     : The Kerberos network authentication system.
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.

Update Information:

This update incorporates fixes for a stack buffer overflow
and heap corruption in the RPC library, and a fix for a
potential stack buffer overflow in kadmind.
* Wed Jun 27 2007 Nalin Dahyabhai  1.4.3-5.5
- incorporate fixes for MITKRB5-SA-2007-004 (CVE-2007-2442,CVE-2007-2443)
  and MITKRB5-SA-2007-005 (CVE-2007-2798)
* Tue Apr  3 2007 Nalin Dahyabhai  1.4.3-5.4
- add patch to correct unauthorized access via krb5-aware telnet
  daemon (#229782, CVE-2007-0956)
- add patch to fix buffer overflow in krb5kdc and kadmind
  (#231528, CVE-2007-0957)
- add patch to fix double-free in kadmind (#231537, CVE-2007-1216)
* Tue Jan  9 2007 Nalin Dahyabhai  1.4.3-5.3
- apply patch from Tom Yu to fix MITKRB-SA-2006-002 (CVE-2006-6143)
* Fri Aug 18 2006 Nalin Dahyabhai  1.4.3-5.2
- switch to the updated patch for MITKRB-SA-2006-001
* Tue Aug  8 2006 Nalin Dahyabhai  1.4.3-5.1
- apply patch to address MITKRB-SA-2006-001 (CVE-2006-3084)
* Fri Apr 14 2006 Stepan Kasal     - 1.4.3-5
- Fix formatting typo in kinit.1 (krb5-kinit-man-typo.patch)

This update can be downloaded from:

428f5a1a16f261507e780a7468adcf054534228a  SRPMS/krb5-1.4.3-5.5.src.rpm
428f5a1a16f261507e780a7468adcf054534228a  noarch/krb5-1.4.3-5.5.src.rpm
ae9338cee91736eab3a108b8713d4dce56e1e41e  ppc/debug/krb5-debuginfo-1.4.3-5.5.ppc.rpm
7a6a044dbe79c2b1e52bb37493a125c81ec3d61a  ppc/krb5-server-1.4.3-5.5.ppc.rpm
28f4db0ea0ee174c3d027b387e2dc1de3743920a  ppc/krb5-libs-1.4.3-5.5.ppc.rpm
b2b2e49c40a4f2f9896e1968533df905c9bf5a17  ppc/krb5-workstation-1.4.3-5.5.ppc.rpm
d5138a1387d0c53555f30b62453c4acc48c3f850  ppc/krb5-devel-1.4.3-5.5.ppc.rpm
fb2b5ee96faeb4a32e5ebef492e3951f884be0b7  x86_64/debug/krb5-debuginfo-1.4.3-5.5.x86_64.rpm
c38ff027c2fc12e2f5574978d447d3312f46c083  x86_64/krb5-server-1.4.3-5.5.x86_64.rpm
ae8e4ccde571e411765b76813df63179cccb14b0  x86_64/krb5-libs-1.4.3-5.5.x86_64.rpm
a429a9a7e6bc3716bc3762aed47949aafce2fe93  x86_64/krb5-devel-1.4.3-5.5.x86_64.rpm
4097c5826880d51c689cc2ac9598865d2d963d2e  x86_64/krb5-workstation-1.4.3-5.5.x86_64.rpm
dbfb9c6daf7737dba40ef46ee83311179664eddd  i386/krb5-devel-1.4.3-5.5.i386.rpm
b1d93b42f28f0722f758493897ee8036cce1d8ab  i386/krb5-server-1.4.3-5.5.i386.rpm
0d7d3f5d147c26f023e16c5c21f45716bfc04ab2  i386/krb5-libs-1.4.3-5.5.i386.rpm
08bb2e80ac94de576b5bc6129c329fed91e215c1  i386/krb5-workstation-1.4.3-5.5.i386.rpm
270cb51345181477d454f97015af76c5b303a25e  i386/debug/krb5-debuginfo-1.4.3-5.5.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at

Fedora-package-announce mailing list
< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.