ELSA-2010-0258 - pam_krb5 security and bug fix update

Type: SECURITY
Impact: LOW
Release Date: 2010-04-05

Description


[2.2.14-15]
- update backport for selecting which key to use for validation so that it
prefers services with the local host name as the instance, from HEAD (more
of #450776)

[2.2.14-14]
- backport the 'multiple_ccaches' option from HEAD, requiring that it
be enabled to not immediately remove an old ccache when asked to create
a new one (#463417)

[2.2.14-13]
- add patch to add the 'chpw_prompt' option, to allow the older behavior
of attempting a password-change during authentication if libkrb5 detects
an expired password, based on patch from Olivier Fourdan (#509092)

[2.2.14-12]
- don't vary the password prompt depending on whether or not the user exists
or is known to the KDC (CVE-2009-1384, #505265)
- prefer using the 'host' service when verifying that a TGT isn't forged,
from HEAD (#450776)

[2.2.14-11]
- don't enforce minimum_uid when no_user_check is also used, from
HEAD (#490404)
- don't try to get password-changing creds with all of the flags set
that we would request for a TGT (#489015)


Related CVEs


CVE-2009-1384

Updated Packages


| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|---|---|---|---|---|
| Oracle Linux 5 (i386) | pam_krb5-2.2.14-15.src.rpm | 1f8035d3226ece9933909238906aa0b073a3983488300486453a4461fa70f6d4 | - | el5_u5_i386_base |
| | pam_krb5-2.2.14-15.i386.rpm | 03f87b36e5b28dc325e8bd7e2377481f4bb13761df1f5d21e25b902e49c531bc | - | el5_u5_i386_base |
| Oracle Linux 5 (ia64) | pam_krb5-2.2.14-15.src.rpm | 1f8035d3226ece9933909238906aa0b073a3983488300486453a4461fa70f6d4 | - | el5_u5_ia64_base |
| | pam_krb5-2.2.14-15.src.rpm | 1f8035d3226ece9933909238906aa0b073a3983488300486453a4461fa70f6d4 | - | ol5_ia64_latest |
| | pam_krb5-2.2.14-15.i386.rpm | 03f87b36e5b28dc325e8bd7e2377481f4bb13761df1f5d21e25b902e49c531bc | - | el5_u5_ia64_base |
| | pam_krb5-2.2.14-15.i386.rpm | 03f87b36e5b28dc325e8bd7e2377481f4bb13761df1f5d21e25b902e49c531bc | - | ol5_ia64_latest |
| | pam_krb5-2.2.14-15.ia64.rpm | e7cbbd9e9e4614c62848ebd261ca3055dd811d8d8650fbb5b61a88745262a335 | - | el5_u5_ia64_base |
| | pam_krb5-2.2.14-15.ia64.rpm | e7cbbd9e9e4614c62848ebd261ca3055dd811d8d8650fbb5b61a88745262a335 | - | ol5_ia64_latest |
| Oracle Linux 5 (x86_64) | pam_krb5-2.2.14-15.src.rpm | 1f8035d3226ece9933909238906aa0b073a3983488300486453a4461fa70f6d4 | - | el5_u5_x86_64_base |
| | pam_krb5-2.2.14-15.i386.rpm | 03f87b36e5b28dc325e8bd7e2377481f4bb13761df1f5d21e25b902e49c531bc | - | el5_u5_x86_64_base |
| | pam_krb5-2.2.14-15.x86_64.rpm | 3be52810c6f9a875a56b58bdaa092f3c77c6e03c8f5d62c504683148236af075 | - | el5_u5_x86_64_base |



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
