ELSA-2007-0095

ULN >
Oracle Linux Errata repository >
ELSA-2007-0095

ELSA-2007-0095 - Critical: krb5 security update

Type:	SECURITY
Impact:	CRITICAL
Release Date:	2007-04-04

Description

[1.3.4-46]
- fix bug ID in changelog

[1.3.4-45]
- add preliminary patch to fix buffer overflow in krb5kdc and kadmind
(#231528, CVE-2007-0957)
- add preliminary patch to fix double-free in kadmind (#231537, CVE-2007-1216)

[1.3.4-44]
- temporarily disable bug fixes for #143289, #179062, #180671, #202191, #223669
for security update
- add preliminary patch to correct unauthorized access via krb5-aware telnet
daemon (#229782, CVE-2007-0956)

[1.3.4-43]
- re-enable fixes for #143289, #223669 and rebuild

[1.3.4-42]
- temporarily back out fixes for #143289, #223669 and rebuild

[1.3.4-41]
- update rcp non-fatal error patch to fix hangs on write errors, too (Jose
Plans, #223669)

[1.3.4-40]
- report a non-fatal error to the remote rcp when the client fails to open a
file for writing (#223669)

[1.3.4-39]
- refrain from killing any lingering members of our child's process group when
logging that the child process has exited (Jose Plans, #143289)

[1.3.4-38]
- correct syntax error in krb5-config.sh

[1.3.4-37]
- update to revised upstream patches for CVE-2006-3083 and CVE-2006-3084
(MITKRB5-SA-2006-001) to avoid unnecessary error messages from ksu (#209512)

[1.3.4-36]
- add missing shebang headers to krsh and krlogin wrapper scripts (#209238)

[1.3.4-35]
- backport changes to make krb5-devel multilib-safe (#202191, prereq for

[1.3.4-34]
- reapply changes for #198633, #179062, #180671

[1.3.4-33]
- temporarily revert changes for #198633

[ 1.3.4-32]
- rebuild

[1.3.4-31]
- temporarily revert changes for #179062
- temporarily revert changes for #180671
- apply patch to fix unchecked calls to setuid() (CVE-2006-3083) and
seteuid() (CVE-2006-3084) (#197818)

[1.3.4-30]
- incorporate fixes for hangs in the rsh client and server (#198633)

[1.3.4-29]
- if we fail to determine the name of a master KDC in
krb5_get_init_creds_keytab(), return the error we got from the non-master
rather than the can't-determine-the-name error, which isn't so useful,
matching the current release's behavior (#180671)

[1.3.4-28]
- reenable the fix for #179062

Related CVEs

CVE-2007-0957

CVE-2007-1216

CVE-2007-0956

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 3 (i386)	krb5-devel-1.2.7-61.i386.rpm	53e2252aca588529c74b6a77d42917cca7be57c200b81b9ab46bd11054529ad0	ELSA-2010-0423	el3_i386_latest
	krb5-devel-1.2.7-61.i386.rpm	53e2252aca588529c74b6a77d42917cca7be57c200b81b9ab46bd11054529ad0	ELSA-2010-0423	el3_u8_i386_patch
	krb5-libs-1.2.7-61.i386.rpm	4cf9b7c022fd3fc364b2a70b0fcbb50103211acbd1d546d5d794ef698a6eed8a	ELSA-2010-0423	el3_i386_latest
	krb5-libs-1.2.7-61.i386.rpm	4cf9b7c022fd3fc364b2a70b0fcbb50103211acbd1d546d5d794ef698a6eed8a	ELSA-2010-0423	el3_u8_i386_patch
	krb5-server-1.2.7-61.i386.rpm	29b7803046cb2ea3230b19e3d1cef4eb5909d6530c503021251c5e2550cb6a38	ELSA-2010-0423	el3_i386_latest
	krb5-server-1.2.7-61.i386.rpm	29b7803046cb2ea3230b19e3d1cef4eb5909d6530c503021251c5e2550cb6a38	ELSA-2010-0423	el3_u8_i386_patch
	krb5-workstation-1.2.7-61.i386.rpm	45e17735acd537739e6bf9ea9f265e7f82100ef5ba8c925331e9f1180efde3c4	ELSA-2010-0423	el3_i386_latest
	krb5-workstation-1.2.7-61.i386.rpm	45e17735acd537739e6bf9ea9f265e7f82100ef5ba8c925331e9f1180efde3c4	ELSA-2010-0423	el3_u8_i386_patch

Oracle Linux 3 (x86_64)	krb5-devel-1.2.7-61.x86_64.rpm	4f8b5f9e68493d0efa22339912104f905e0b994805090edf02873026a8d19563	ELSA-2010-0423	el3_u8_x86_64_patch
	krb5-devel-1.2.7-61.x86_64.rpm	4f8b5f9e68493d0efa22339912104f905e0b994805090edf02873026a8d19563	ELSA-2010-0423	el3_x86_64_latest
	krb5-libs-1.2.7-61.i386.rpm	4cf9b7c022fd3fc364b2a70b0fcbb50103211acbd1d546d5d794ef698a6eed8a	ELSA-2010-0423	el3_u8_x86_64_patch
	krb5-libs-1.2.7-61.i386.rpm	4cf9b7c022fd3fc364b2a70b0fcbb50103211acbd1d546d5d794ef698a6eed8a	ELSA-2010-0423	el3_x86_64_latest
	krb5-libs-1.2.7-61.x86_64.rpm	a9451e5070bec87651f4abd01a3b93e0d1e51a204c80b6cfe1d30f2cbf0d82c9	ELSA-2010-0423	el3_u8_x86_64_patch
	krb5-libs-1.2.7-61.x86_64.rpm	a9451e5070bec87651f4abd01a3b93e0d1e51a204c80b6cfe1d30f2cbf0d82c9	ELSA-2010-0423	el3_x86_64_latest
	krb5-server-1.2.7-61.x86_64.rpm	cb43a9bd46f1b618118042323ab9638734bfde7df09e84153ad0d10e0d7efdd5	ELSA-2010-0423	el3_u8_x86_64_patch
	krb5-server-1.2.7-61.x86_64.rpm	cb43a9bd46f1b618118042323ab9638734bfde7df09e84153ad0d10e0d7efdd5	ELSA-2010-0423	el3_x86_64_latest
	krb5-workstation-1.2.7-61.x86_64.rpm	c5d0d8e1f3232c6574b242452e60d7172191b5d31f9f65c58697d659a6ebbfe1	ELSA-2010-0423	el3_u8_x86_64_patch
	krb5-workstation-1.2.7-61.x86_64.rpm	c5d0d8e1f3232c6574b242452e60d7172191b5d31f9f65c58697d659a6ebbfe1	ELSA-2010-0423	el3_x86_64_latest

Oracle Linux 4 (i386)	krb5-devel-1.3.4-46.i386.rpm	523efd7318e9f9ecd4532eeccfa9a0bd7c241b1fa819f20b30286618ea899159	ELSA-2011-1851	el4_i386_latest
	krb5-devel-1.3.4-46.i386.rpm	523efd7318e9f9ecd4532eeccfa9a0bd7c241b1fa819f20b30286618ea899159	ELSA-2011-1851	el4_u4_i386_patch
	krb5-libs-1.3.4-46.i386.rpm	6d1a5531ab26c1c5c8f09224695904936bdb52702bdfb05b4f0dee60d16cad12	ELSA-2011-1851	el4_i386_latest
	krb5-libs-1.3.4-46.i386.rpm	6d1a5531ab26c1c5c8f09224695904936bdb52702bdfb05b4f0dee60d16cad12	ELSA-2011-1851	el4_u4_i386_patch
	krb5-server-1.3.4-46.i386.rpm	b8776c4954b13898da9d8a492857bd2d1fb26e6c4b114e5f02de829e8e32ee2d	ELSA-2011-1851	el4_i386_latest
	krb5-server-1.3.4-46.i386.rpm	b8776c4954b13898da9d8a492857bd2d1fb26e6c4b114e5f02de829e8e32ee2d	ELSA-2011-1851	el4_u4_i386_patch
	krb5-workstation-1.3.4-46.i386.rpm	ad1e380dbb00f7b2fa4eac9b856c0d39316db84b704ab4b36016ec170fe14e69	ELSA-2011-1851	el4_i386_latest
	krb5-workstation-1.3.4-46.i386.rpm	ad1e380dbb00f7b2fa4eac9b856c0d39316db84b704ab4b36016ec170fe14e69	ELSA-2011-1851	el4_u4_i386_patch

Oracle Linux 4 (x86_64)	krb5-devel-1.3.4-46.x86_64.rpm	34fa1c77632fc622ff3265593361c4d45b96ab3ae8d7a16db5085c53083422f0	ELSA-2011-1851	el4_u4_x86_64_patch
	krb5-devel-1.3.4-46.x86_64.rpm	34fa1c77632fc622ff3265593361c4d45b96ab3ae8d7a16db5085c53083422f0	ELSA-2011-1851	el4_x86_64_latest
	krb5-libs-1.3.4-46.i386.rpm	6d1a5531ab26c1c5c8f09224695904936bdb52702bdfb05b4f0dee60d16cad12	ELSA-2011-1851	el4_u4_x86_64_patch
	krb5-libs-1.3.4-46.i386.rpm	6d1a5531ab26c1c5c8f09224695904936bdb52702bdfb05b4f0dee60d16cad12	ELSA-2011-1851	el4_x86_64_latest
	krb5-libs-1.3.4-46.x86_64.rpm	1389b96714d38f2ded2c8fe798b67e658b5fc06da4922971ede6a5f3ede1bfb3	ELSA-2011-1851	el4_u4_x86_64_patch
	krb5-libs-1.3.4-46.x86_64.rpm	1389b96714d38f2ded2c8fe798b67e658b5fc06da4922971ede6a5f3ede1bfb3	ELSA-2011-1851	el4_x86_64_latest
	krb5-server-1.3.4-46.x86_64.rpm	cc969fc77eb44239ca1c5fedbe96bbce1458dc65b4b5960d96f780f5f2a98b95	ELSA-2011-1851	el4_u4_x86_64_patch
	krb5-server-1.3.4-46.x86_64.rpm	cc969fc77eb44239ca1c5fedbe96bbce1458dc65b4b5960d96f780f5f2a98b95	ELSA-2011-1851	el4_x86_64_latest
	krb5-workstation-1.3.4-46.x86_64.rpm	3ad2e8b9aff8442378c550cfb407e39038c31422061977bae42ef67964a080d5	ELSA-2011-1851	el4_u4_x86_64_patch
	krb5-workstation-1.3.4-46.x86_64.rpm	3ad2e8b9aff8442378c550cfb407e39038c31422061977bae42ef67964a080d5	ELSA-2011-1851	el4_x86_64_latest

Oracle Linux 5 (i386)	krb5-1.5-23.src.rpm	149915925f82ac535ae8f8cb82228552f441127fd9839d0657a985a0e64847f7	ELSA-2014-1255	el5_ga_i386_patch
	krb5-devel-1.5-23.i386.rpm	b9737d3c593d82c7f8274e3cbe7e7c99f27eff750239fdbedfe8fcc36d44a216	ELSA-2014-1255	el5_ga_i386_patch
	krb5-libs-1.5-23.i386.rpm	639e44d7b968c57f27a8932406c286945b417238011dc358538b7965b4aa781b	ELSA-2014-1255	el5_ga_i386_patch
	krb5-server-1.5-23.i386.rpm	4ae61e5cd92fe95af483da93554d16a1b938fae503da144e8afb2525346d64aa	ELSA-2014-1255	el5_ga_i386_patch
	krb5-workstation-1.5-23.i386.rpm	b6fe4e49a41b12b591dfc5c70fd56a12deaa397051483c3ac5ee5c16b028fb43	ELSA-2014-1255	el5_ga_i386_patch

Oracle Linux 5 (x86_64)	krb5-1.5-23.src.rpm	149915925f82ac535ae8f8cb82228552f441127fd9839d0657a985a0e64847f7	ELSA-2014-1255	el5_ga_x86_64_patch
	krb5-devel-1.5-23.i386.rpm	b9737d3c593d82c7f8274e3cbe7e7c99f27eff750239fdbedfe8fcc36d44a216	ELSA-2014-1255	el5_ga_x86_64_patch
	krb5-devel-1.5-23.x86_64.rpm	985670d563c14f54c08fc141f8c881bdfcc9b41bbc9aa5a4febd43060f9d8cbd	ELSA-2014-1255	el5_ga_x86_64_patch
	krb5-libs-1.5-23.i386.rpm	639e44d7b968c57f27a8932406c286945b417238011dc358538b7965b4aa781b	ELSA-2014-1255	el5_ga_x86_64_patch
	krb5-libs-1.5-23.x86_64.rpm	2c8413f04dcb2c07a436262972168607c69f76b03234af3bade2a816be8f2767	ELSA-2014-1255	el5_ga_x86_64_patch
	krb5-server-1.5-23.x86_64.rpm	79799925d4ff3b5e1ed5385dda4aebe4f67ce90ffa28cca0f4a24d5023ad78f0	ELSA-2014-1255	el5_ga_x86_64_patch
	krb5-workstation-1.5-23.x86_64.rpm	1d955eae60d8ce9b86af3373d6ead63d042ba190aa95ff2e0881830c621a145c	ELSA-2014-1255	el5_ga_x86_64_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691