ELSA-2025-9418

ULN >
Oracle Linux Errata repository >
ELSA-2025-9418

ELSA-2025-9418 - krb5 security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2025-06-27

Description

[1.21.3-8.0.1]
- Fixed race condition in krb5_set_password() [Orabug: 33609767]

[1.21.3-8]
- Do not block HMAC-MD4/5 in FIPS mode
Resolves: RHEL-88705
- Don't issue RC4 session keys by default (CVE-2025-3576)
Resolves: RHEL-88047
- Add PKINIT paChecksum2 from MS-PKCA v20230920
Resolves: RHEL-74295

Related CVEs

CVE-2025-3576

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 10 (aarch64)	krb5-1.21.3-8.0.1.el10_0.src.rpm	07dd2603325575f838f7e1c382348e60ac279e2adb0bc8ac857dfb49fbe1e53e	-	ol10_aarch64_appstream
	krb5-1.21.3-8.0.1.el10_0.src.rpm	07dd2603325575f838f7e1c382348e60ac279e2adb0bc8ac857dfb49fbe1e53e	-	ol10_aarch64_baseos_latest
	krb5-1.21.3-8.0.1.el10_0.src.rpm	07dd2603325575f838f7e1c382348e60ac279e2adb0bc8ac857dfb49fbe1e53e	-	ol10_aarch64_u0_baseos_patch
	krb5-devel-1.21.3-8.0.1.el10_0.aarch64.rpm	594ae2149bb1dd329df4ccddadfe0de302b7d7d9cc85a5914d51ddc101778271	-	ol10_aarch64_appstream
	krb5-libs-1.21.3-8.0.1.el10_0.aarch64.rpm	a1af48fc42db4464f6c8815caf87ffaa3aa983ad8d890e016982e02f85863ac2	-	ol10_aarch64_baseos_latest
	krb5-libs-1.21.3-8.0.1.el10_0.aarch64.rpm	a1af48fc42db4464f6c8815caf87ffaa3aa983ad8d890e016982e02f85863ac2	-	ol10_aarch64_u0_baseos_patch
	krb5-pkinit-1.21.3-8.0.1.el10_0.aarch64.rpm	b2fb01ac7cbe39133cf211cbc14fe0c13b09486d9b0862e318994aef574e9cad	-	ol10_aarch64_baseos_latest
	krb5-pkinit-1.21.3-8.0.1.el10_0.aarch64.rpm	b2fb01ac7cbe39133cf211cbc14fe0c13b09486d9b0862e318994aef574e9cad	-	ol10_aarch64_u0_baseos_patch
	krb5-server-1.21.3-8.0.1.el10_0.aarch64.rpm	1feaa10d83d00967620d48dfa49b61be5b09aa197692740e422bf4e32837df77	-	ol10_aarch64_baseos_latest
	krb5-server-1.21.3-8.0.1.el10_0.aarch64.rpm	1feaa10d83d00967620d48dfa49b61be5b09aa197692740e422bf4e32837df77	-	ol10_aarch64_u0_baseos_patch
	krb5-server-ldap-1.21.3-8.0.1.el10_0.aarch64.rpm	75ba49449072b69dda47614894d3342e590c184fa56dd249430c805d1bfeae17	-	ol10_aarch64_baseos_latest
	krb5-server-ldap-1.21.3-8.0.1.el10_0.aarch64.rpm	75ba49449072b69dda47614894d3342e590c184fa56dd249430c805d1bfeae17	-	ol10_aarch64_u0_baseos_patch
	krb5-workstation-1.21.3-8.0.1.el10_0.aarch64.rpm	4449c7ef2b9304357aea8ca6f1fe4a1cbb658d9ddee45f56fd906aeec2514bce	-	ol10_aarch64_baseos_latest
	krb5-workstation-1.21.3-8.0.1.el10_0.aarch64.rpm	4449c7ef2b9304357aea8ca6f1fe4a1cbb658d9ddee45f56fd906aeec2514bce	-	ol10_aarch64_u0_baseos_patch
	libkadm5-1.21.3-8.0.1.el10_0.aarch64.rpm	18fa134d4b96d907f4e88bcc9c969f477e43cbd2731565f889f73a2f532ab73f	-	ol10_aarch64_baseos_latest
	libkadm5-1.21.3-8.0.1.el10_0.aarch64.rpm	18fa134d4b96d907f4e88bcc9c969f477e43cbd2731565f889f73a2f532ab73f	-	ol10_aarch64_u0_baseos_patch

Oracle Linux 10 (x86_64)	krb5-1.21.3-8.0.1.el10_0.src.rpm	07dd2603325575f838f7e1c382348e60ac279e2adb0bc8ac857dfb49fbe1e53e	-	ol10_x86_64_appstream
	krb5-1.21.3-8.0.1.el10_0.src.rpm	07dd2603325575f838f7e1c382348e60ac279e2adb0bc8ac857dfb49fbe1e53e	-	ol10_x86_64_baseos_latest
	krb5-1.21.3-8.0.1.el10_0.src.rpm	07dd2603325575f838f7e1c382348e60ac279e2adb0bc8ac857dfb49fbe1e53e	-	ol10_x86_64_u0_baseos_patch
	krb5-devel-1.21.3-8.0.1.el10_0.x86_64.rpm	48bf86a5011f86073baa3c1e0fc78f2f215a9e3eb07f4560a6b2bb2397503ccb	-	ol10_x86_64_appstream
	krb5-libs-1.21.3-8.0.1.el10_0.x86_64.rpm	a3847c5ad5c33bcc4069ae9d2eaf57ebcde2f0e57e97ab232c181ea620eed2ba	-	ol10_x86_64_baseos_latest
	krb5-libs-1.21.3-8.0.1.el10_0.x86_64.rpm	a3847c5ad5c33bcc4069ae9d2eaf57ebcde2f0e57e97ab232c181ea620eed2ba	-	ol10_x86_64_u0_baseos_patch
	krb5-pkinit-1.21.3-8.0.1.el10_0.x86_64.rpm	27f862877210221352c88c7c65555951b684cef8eed3e3247c0e0e4702a10328	-	ol10_x86_64_baseos_latest
	krb5-pkinit-1.21.3-8.0.1.el10_0.x86_64.rpm	27f862877210221352c88c7c65555951b684cef8eed3e3247c0e0e4702a10328	-	ol10_x86_64_u0_baseos_patch
	krb5-server-1.21.3-8.0.1.el10_0.x86_64.rpm	b43b4f17f74fd677ff4ac3d415637817ad5786c21ea3ac025761d9e62eb553d1	-	ol10_x86_64_baseos_latest
	krb5-server-1.21.3-8.0.1.el10_0.x86_64.rpm	b43b4f17f74fd677ff4ac3d415637817ad5786c21ea3ac025761d9e62eb553d1	-	ol10_x86_64_u0_baseos_patch
	krb5-server-ldap-1.21.3-8.0.1.el10_0.x86_64.rpm	13e28f929a5246aada5c18c59014ff3574969e22c708ce8ffe775dd0bb84bb71	-	ol10_x86_64_baseos_latest
	krb5-server-ldap-1.21.3-8.0.1.el10_0.x86_64.rpm	13e28f929a5246aada5c18c59014ff3574969e22c708ce8ffe775dd0bb84bb71	-	ol10_x86_64_u0_baseos_patch
	krb5-workstation-1.21.3-8.0.1.el10_0.x86_64.rpm	f1cb8032096a0a4c1ccb438b8028221bbaca82f951d489381c329b080223a10a	-	ol10_x86_64_baseos_latest
	krb5-workstation-1.21.3-8.0.1.el10_0.x86_64.rpm	f1cb8032096a0a4c1ccb438b8028221bbaca82f951d489381c329b080223a10a	-	ol10_x86_64_u0_baseos_patch
	libkadm5-1.21.3-8.0.1.el10_0.x86_64.rpm	53b3c7868dce3d0deb7a9a5d671169714854a391239b233f923e2c7ea303aa0d	-	ol10_x86_64_baseos_latest
	libkadm5-1.21.3-8.0.1.el10_0.x86_64.rpm	53b3c7868dce3d0deb7a9a5d671169714854a391239b233f923e2c7ea303aa0d	-	ol10_x86_64_u0_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691