ELSA-2012-0306

ULN >
Oracle Linux Errata repository >
ELSA-2012-0306

ELSA-2012-0306 - krb5 security and bug fix update

Type:	SECURITY
Severity:	LOW
Release Date:	2012-03-01

Description

[1.6.1-70.el5]
- add upstream patch for telnetd buffer overflow (CVE-2011-4862, #770351)

[1.6.1-69.el5]
- ftp: fix a static analysis should-never-happen NULL dereference (#750823)

[1.6.1-68.el5]
- backport fixes to teach libkrb5 to use descriptors higher than FD_SETSIZE
to talk to a KDC by using poll() if it's detected at compile-time, revised
(#701444, RT#6905)

[1.6.1-67.el5]
- add backported patch by way of jbarbuc to free subkeys created by the
KDC while processing TGS requests (#708516)

[1.6.1-66.el5]
- add backported patch by way of several people to better avoid false
detection of replay attacks when talking to systems with coarse time
resolution (#713500)

[1.6.1-65.el5]
- ftpd: add backported patch to check for errors when calling setegid
(MITKRB5-SA-2011-005, CVE-2011-1526, #719098)

[1.6.1-64.el5]
- klist: don't trip over referral entries when invoked with -s (#729067,
RT#6915)

Related CVEs

CVE-2011-1526

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 5 (i386)	krb5-1.6.1-70.el5.src.rpm	5a391785eed4548c0d0db3cc0da9909f	ELSA-2014-1255
	krb5-devel-1.6.1-70.el5.i386.rpm	3d7ee5f90f28f3c67e9ae7a59fcdce13	ELSA-2014-1255
	krb5-libs-1.6.1-70.el5.i386.rpm	421c877f72df67f821c55abd634a3a36	ELSA-2014-1255
	krb5-server-1.6.1-70.el5.i386.rpm	9c50f732fe8be9e6936d75522ece7472	ELSA-2014-1255
	krb5-server-ldap-1.6.1-70.el5.i386.rpm	2b2099351fac98e04b8fc39a855ab834	ELSA-2014-1255
	krb5-workstation-1.6.1-70.el5.i386.rpm	58535189c0c8364ef915342fbb95b234	ELSA-2014-1255

Oracle Linux 5 (ia64)	krb5-1.6.1-70.el5.src.rpm	5a391785eed4548c0d0db3cc0da9909f	ELSA-2014-1255
	krb5-devel-1.6.1-70.el5.ia64.rpm	ecde32a3f52e30f4a057e129ac1f6290	ELSA-2014-1255
	krb5-libs-1.6.1-70.el5.i386.rpm	421c877f72df67f821c55abd634a3a36	ELSA-2014-1255
	krb5-libs-1.6.1-70.el5.ia64.rpm	c74f036ad98b22a3b2564d8cdcc6b719	ELSA-2014-1255
	krb5-server-1.6.1-70.el5.ia64.rpm	37482c22e5cdf02c3e8b9d3d6af50850	ELSA-2014-1255
	krb5-server-ldap-1.6.1-70.el5.ia64.rpm	f13c97136b2a8fbb382d3d9d9d82c35c	ELSA-2014-1255
	krb5-workstation-1.6.1-70.el5.ia64.rpm	0562645f06d43d01f2b1214bc5a4a407	ELSA-2014-1255

Oracle Linux 5 (x86_64)	krb5-1.6.1-70.el5.src.rpm	5a391785eed4548c0d0db3cc0da9909f	ELSA-2014-1255
	krb5-devel-1.6.1-70.el5.i386.rpm	3d7ee5f90f28f3c67e9ae7a59fcdce13	ELSA-2014-1255
	krb5-devel-1.6.1-70.el5.x86_64.rpm	5c8d51095ae43f60f2c7c3274fbb09c7	ELSA-2014-1255
	krb5-libs-1.6.1-70.el5.i386.rpm	421c877f72df67f821c55abd634a3a36	ELSA-2014-1255
	krb5-libs-1.6.1-70.el5.x86_64.rpm	692be1ea2bf350039a337ab88b97adf4	ELSA-2014-1255
	krb5-server-1.6.1-70.el5.x86_64.rpm	baf636ad1715ee6e313732163007da9e	ELSA-2014-1255
	krb5-server-ldap-1.6.1-70.el5.x86_64.rpm	4e5a978df6b5d51b121f087afd703d3d	ELSA-2014-1255
	krb5-workstation-1.6.1-70.el5.x86_64.rpm	2570d3aaac9aeb7a2a22a9de4c4335d1	ELSA-2014-1255

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691