Stay Connected:

ELSA-2011-0200

ELSA-2011-0200 - krb5 security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2011-02-10

Description



[1.8.2-3.4]
- add upstream patches to fix standalone kpropd exiting if the per-client
child process exits with an error, and hang or crash in the KDC when using
the LDAP kdb backend (CVE-2010-4022, CVE-2011-0281, CVE-2011-0282, #671101)

[1.8.2-3.3]
- pull up crypto changes made between 1.8.2 and 1.8.3 to fix upstream #6751,
assumed to already be there for the next fix
- incorporate candidate patch to fix various issues from MITKRB5-SA-2010-007
(CVE-2010-1323, CVE-2010-1324, CVE-2010-4020, #651962)

[1.8.2-3.2]
- fix reading of keyUsage extensions when attempting to select pkinit client
certs (part of #644825, RT#6775)
- fix selection of pkinit client certs when one or more don't include a
subjectAltName extension (part of #644825, RT#6774)

[1.8.2-3.1]
- incorporate candidate patch to fix uninitialized pointer crash in the KDC
(CVE-2010-1322, #636336)


Related CVEs


CVE-2011-0282
CVE-2011-0281
CVE-2010-1322
CVE-2010-4020
CVE-2010-1324
CVE-2010-4022
CVE-2010-1323

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 6 (i386) krb5-1.8.2-3.el6_0.4.src.rpm03d9823fb41635da91ec3a8f33bcb8d2110a73c9e4e09982712f50b0a5714613ELSA-2016-0493ol6_ga_i386_patch
krb5-1.8.2-3.el6_0.4.src.rpm03d9823fb41635da91ec3a8f33bcb8d2110a73c9e4e09982712f50b0a5714613ELSA-2016-0493ol6_i386_latest_archive
krb5-devel-1.8.2-3.el6_0.4.i686.rpm62482177132169fa41007ee5d6d964c40f2d4fac631c18f69d9811c17a54af7dELSA-2016-0493ol6_ga_i386_patch
krb5-devel-1.8.2-3.el6_0.4.i686.rpm62482177132169fa41007ee5d6d964c40f2d4fac631c18f69d9811c17a54af7dELSA-2016-0493ol6_i386_latest_archive
krb5-libs-1.8.2-3.el6_0.4.i686.rpmae24a067737cae229a5d8a1d27c9864c0ed959f069bbc3cd1c41cec9f61ca0e1ELSA-2016-0493ol6_ga_i386_patch
krb5-libs-1.8.2-3.el6_0.4.i686.rpmae24a067737cae229a5d8a1d27c9864c0ed959f069bbc3cd1c41cec9f61ca0e1ELSA-2016-0493ol6_i386_latest_archive
krb5-pkinit-openssl-1.8.2-3.el6_0.4.i686.rpma82b69b76b8f07f8514a16392ab29f8cc38514ea48521efcdd859d3a6d54a089ELSA-2016-0493ol6_ga_i386_patch
krb5-pkinit-openssl-1.8.2-3.el6_0.4.i686.rpma82b69b76b8f07f8514a16392ab29f8cc38514ea48521efcdd859d3a6d54a089ELSA-2016-0493ol6_i386_latest_archive
krb5-server-1.8.2-3.el6_0.4.i686.rpm11ef686c8d7979ffa104ee80d2d7422812de697f78cede89ef559df72aed2ba8ELSA-2016-0493ol6_ga_i386_patch
krb5-server-1.8.2-3.el6_0.4.i686.rpm11ef686c8d7979ffa104ee80d2d7422812de697f78cede89ef559df72aed2ba8ELSA-2016-0493ol6_i386_latest_archive
krb5-server-ldap-1.8.2-3.el6_0.4.i686.rpmfa40157deaa288c4072a3291bbe0d8837e83838b4300ea3073cdc5323f959292ELSA-2016-0493ol6_ga_i386_patch
krb5-server-ldap-1.8.2-3.el6_0.4.i686.rpmfa40157deaa288c4072a3291bbe0d8837e83838b4300ea3073cdc5323f959292ELSA-2016-0493ol6_i386_latest_archive
krb5-workstation-1.8.2-3.el6_0.4.i686.rpm21a2767492d2d4b145643f94e44b91c33d829a72f2cae76c49e6167dee7282fbELSA-2016-0493ol6_ga_i386_patch
krb5-workstation-1.8.2-3.el6_0.4.i686.rpm21a2767492d2d4b145643f94e44b91c33d829a72f2cae76c49e6167dee7282fbELSA-2016-0493ol6_i386_latest_archive
Oracle Linux 6 (x86_64) krb5-1.8.2-3.el6_0.4.src.rpm03d9823fb41635da91ec3a8f33bcb8d2110a73c9e4e09982712f50b0a5714613ELSA-2016-0493ol6_ga_x86_64_patch
krb5-1.8.2-3.el6_0.4.src.rpm03d9823fb41635da91ec3a8f33bcb8d2110a73c9e4e09982712f50b0a5714613ELSA-2016-0493ol6_x86_64_latest_archive
krb5-devel-1.8.2-3.el6_0.4.i686.rpm62482177132169fa41007ee5d6d964c40f2d4fac631c18f69d9811c17a54af7dELSA-2016-0493ol6_ga_x86_64_patch
krb5-devel-1.8.2-3.el6_0.4.i686.rpm62482177132169fa41007ee5d6d964c40f2d4fac631c18f69d9811c17a54af7dELSA-2016-0493ol6_x86_64_latest_archive
krb5-devel-1.8.2-3.el6_0.4.x86_64.rpm456310d5a377d5334508d497f5d142b0b183ec7674c11ebe735133fa2cac2e8aELSA-2016-0493ol6_ga_x86_64_patch
krb5-devel-1.8.2-3.el6_0.4.x86_64.rpm456310d5a377d5334508d497f5d142b0b183ec7674c11ebe735133fa2cac2e8aELSA-2016-0493ol6_x86_64_latest_archive
krb5-libs-1.8.2-3.el6_0.4.i686.rpmae24a067737cae229a5d8a1d27c9864c0ed959f069bbc3cd1c41cec9f61ca0e1ELSA-2016-0493ol6_ga_x86_64_patch
krb5-libs-1.8.2-3.el6_0.4.i686.rpmae24a067737cae229a5d8a1d27c9864c0ed959f069bbc3cd1c41cec9f61ca0e1ELSA-2016-0493ol6_x86_64_latest_archive
krb5-libs-1.8.2-3.el6_0.4.x86_64.rpm0b930ec5e0a5156de00848a45c22d5eb38726b8b09f9a6e3ab1956114da3c367ELSA-2016-0493ol6_ga_x86_64_patch
krb5-libs-1.8.2-3.el6_0.4.x86_64.rpm0b930ec5e0a5156de00848a45c22d5eb38726b8b09f9a6e3ab1956114da3c367ELSA-2016-0493ol6_x86_64_latest_archive
krb5-pkinit-openssl-1.8.2-3.el6_0.4.x86_64.rpm3943608c36367bbfc15dc09a09f749fc334cf1df69f96f8a73dd176892a9c680ELSA-2016-0493ol6_ga_x86_64_patch
krb5-pkinit-openssl-1.8.2-3.el6_0.4.x86_64.rpm3943608c36367bbfc15dc09a09f749fc334cf1df69f96f8a73dd176892a9c680ELSA-2016-0493ol6_x86_64_latest_archive
krb5-server-1.8.2-3.el6_0.4.x86_64.rpm34b7d6061302b31571ecf9ab98ac0eb8b2eb7cd75ed3b69ab82c9fb3b3cdc5cdELSA-2016-0493ol6_ga_x86_64_patch
krb5-server-1.8.2-3.el6_0.4.x86_64.rpm34b7d6061302b31571ecf9ab98ac0eb8b2eb7cd75ed3b69ab82c9fb3b3cdc5cdELSA-2016-0493ol6_x86_64_latest_archive
krb5-server-ldap-1.8.2-3.el6_0.4.i686.rpmfa40157deaa288c4072a3291bbe0d8837e83838b4300ea3073cdc5323f959292ELSA-2016-0493ol6_ga_x86_64_patch
krb5-server-ldap-1.8.2-3.el6_0.4.i686.rpmfa40157deaa288c4072a3291bbe0d8837e83838b4300ea3073cdc5323f959292ELSA-2016-0493ol6_x86_64_latest_archive
krb5-server-ldap-1.8.2-3.el6_0.4.x86_64.rpme5f6eb56850f6c60dedc3d040bfa0050a8ec1f3d3cbd09f9c3dc559ea75e7e07ELSA-2016-0493ol6_ga_x86_64_patch
krb5-server-ldap-1.8.2-3.el6_0.4.x86_64.rpme5f6eb56850f6c60dedc3d040bfa0050a8ec1f3d3cbd09f9c3dc559ea75e7e07ELSA-2016-0493ol6_x86_64_latest_archive
krb5-workstation-1.8.2-3.el6_0.4.x86_64.rpm53393dc69234d4c0d5b2d0f3d7083196df5ec5a53a74dfacd017e2e5b3dc3217ELSA-2016-0493ol6_ga_x86_64_patch
krb5-workstation-1.8.2-3.el6_0.4.x86_64.rpm53393dc69234d4c0d5b2d0f3d7083196df5ec5a53a74dfacd017e2e5b3dc3217ELSA-2016-0493ol6_x86_64_latest_archive



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights