ELSA-2015-0794

ELSA-2015-0794 - krb5 security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2015-04-09

Description

[1.10.3-37]
- fix for CVE-2014-5355 (#1193939) 'krb5: unauthenticated
denial of service in recvauth_common() and others'

[1.10.3-36]
- fix for CVE-2014-5353 (#1174543) 'Fix LDAP misused policy
name crash'

[1.10.3-35]
- Changelog fixes to make errata subsystem happy.

[1.10.3-34]
- fix for CVE-2014-5352 (#1179856) 'gss_process_context_token()
incorrectly frees context (MITKRB5-SA-2015-001)'
- fix for CVE-2014-9421 (#1179857) 'kadmind doubly frees partial
deserialization results (MITKRB5-SA-2015-001)'
- fix for CVE-2014-9422 (#1179861) 'kadmind incorrectly
validates server principal name (MITKRB5-SA-2015-001)'

Related CVEs

CVE-2014-5352

CVE-2014-9421

CVE-2014-5353

CVE-2014-5355

CVE-2014-9422

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 6 (i386)	krb5-1.10.3-37.el6_6.src.rpm	5695f9f8b12df2102e24f72c039cdf8c22b7cf13fab98d977d8f8308cf47ba5d	ELSA-2016-0493	ol6_i386_latest_archive
	krb5-1.10.3-37.el6_6.src.rpm	5695f9f8b12df2102e24f72c039cdf8c22b7cf13fab98d977d8f8308cf47ba5d	ELSA-2016-0493	ol6_u6_i386_patch
	krb5-devel-1.10.3-37.el6_6.i686.rpm	ce27a1cfe18dbc63b01dde332de60be296bdfc93bc499cfe76684f53a97d7c93	ELSA-2016-0493	ol6_i386_latest_archive
	krb5-devel-1.10.3-37.el6_6.i686.rpm	ce27a1cfe18dbc63b01dde332de60be296bdfc93bc499cfe76684f53a97d7c93	ELSA-2016-0493	ol6_u6_i386_patch
	krb5-libs-1.10.3-37.el6_6.i686.rpm	7131ccf94016fea2f1d8734f9c8eeab4bfb105198b86852317ae2b9161f60389	ELSA-2016-0493	ol6_i386_latest_archive
	krb5-libs-1.10.3-37.el6_6.i686.rpm	7131ccf94016fea2f1d8734f9c8eeab4bfb105198b86852317ae2b9161f60389	ELSA-2016-0493	ol6_u6_i386_patch
	krb5-pkinit-openssl-1.10.3-37.el6_6.i686.rpm	e52f7cbea341e66a0b2144e20c47f88ae40a62b0335c242cacb1e92f9078e9dc	ELSA-2016-0493	ol6_i386_latest_archive
	krb5-pkinit-openssl-1.10.3-37.el6_6.i686.rpm	e52f7cbea341e66a0b2144e20c47f88ae40a62b0335c242cacb1e92f9078e9dc	ELSA-2016-0493	ol6_u6_i386_patch
	krb5-server-1.10.3-37.el6_6.i686.rpm	de6c0ef7fc764d8875fddd87a57e1eac5e6254399d684642b8880ff7af527ea5	ELSA-2016-0493	ol6_i386_latest_archive
	krb5-server-1.10.3-37.el6_6.i686.rpm	de6c0ef7fc764d8875fddd87a57e1eac5e6254399d684642b8880ff7af527ea5	ELSA-2016-0493	ol6_u6_i386_patch
	krb5-server-ldap-1.10.3-37.el6_6.i686.rpm	b0918eae7aafc0fcc5f78bf0816585f433ca8f94d8aea25ce24509a43149c79d	ELSA-2016-0493	ol6_i386_latest_archive
	krb5-server-ldap-1.10.3-37.el6_6.i686.rpm	b0918eae7aafc0fcc5f78bf0816585f433ca8f94d8aea25ce24509a43149c79d	ELSA-2016-0493	ol6_u6_i386_patch
	krb5-workstation-1.10.3-37.el6_6.i686.rpm	f1c812a05278c7c0f5640c9e02722a73556886845bbb1132fbdd9fd651fcdbb6	ELSA-2016-0493	ol6_i386_latest_archive
	krb5-workstation-1.10.3-37.el6_6.i686.rpm	f1c812a05278c7c0f5640c9e02722a73556886845bbb1132fbdd9fd651fcdbb6	ELSA-2016-0493	ol6_u6_i386_patch
Oracle Linux 6 (x86_64)	krb5-1.10.3-37.el6_6.src.rpm	5695f9f8b12df2102e24f72c039cdf8c22b7cf13fab98d977d8f8308cf47ba5d	ELSA-2016-0493	ol6_u6_x86_64_patch
	krb5-1.10.3-37.el6_6.src.rpm	5695f9f8b12df2102e24f72c039cdf8c22b7cf13fab98d977d8f8308cf47ba5d	ELSA-2016-0493	ol6_x86_64_latest_archive
	krb5-devel-1.10.3-37.el6_6.i686.rpm	ce27a1cfe18dbc63b01dde332de60be296bdfc93bc499cfe76684f53a97d7c93	ELSA-2016-0493	ol6_u6_x86_64_patch
	krb5-devel-1.10.3-37.el6_6.i686.rpm	ce27a1cfe18dbc63b01dde332de60be296bdfc93bc499cfe76684f53a97d7c93	ELSA-2016-0493	ol6_x86_64_latest_archive
	krb5-devel-1.10.3-37.el6_6.x86_64.rpm	53a6808cf1cb437a00936a22bc8fabc9e3d5c44292a88c5984cefeba76a75393	ELSA-2016-0493	ol6_u6_x86_64_patch
	krb5-devel-1.10.3-37.el6_6.x86_64.rpm	53a6808cf1cb437a00936a22bc8fabc9e3d5c44292a88c5984cefeba76a75393	ELSA-2016-0493	ol6_x86_64_latest_archive
	krb5-libs-1.10.3-37.el6_6.i686.rpm	7131ccf94016fea2f1d8734f9c8eeab4bfb105198b86852317ae2b9161f60389	ELSA-2016-0493	ol6_u6_x86_64_patch
	krb5-libs-1.10.3-37.el6_6.i686.rpm	7131ccf94016fea2f1d8734f9c8eeab4bfb105198b86852317ae2b9161f60389	ELSA-2016-0493	ol6_x86_64_latest_archive
	krb5-libs-1.10.3-37.el6_6.x86_64.rpm	2228b679acedb1e056c1d51da4e124fafaecdb3661e7745a1d6835967d4af72a	ELSA-2016-0493	exadata_dbserver_12.1.2.1.2_x86_64_base
	krb5-libs-1.10.3-37.el6_6.x86_64.rpm	2228b679acedb1e056c1d51da4e124fafaecdb3661e7745a1d6835967d4af72a	ELSA-2016-0493	ol6_u6_x86_64_patch
	krb5-libs-1.10.3-37.el6_6.x86_64.rpm	2228b679acedb1e056c1d51da4e124fafaecdb3661e7745a1d6835967d4af72a	ELSA-2016-0493	ol6_x86_64_latest_archive
	krb5-pkinit-openssl-1.10.3-37.el6_6.x86_64.rpm	ef1ce6a98db93a56df70ef473fa57524aaa49904591a301e532d17f58c0665cf	ELSA-2016-0493	ol6_u6_x86_64_patch
	krb5-pkinit-openssl-1.10.3-37.el6_6.x86_64.rpm	ef1ce6a98db93a56df70ef473fa57524aaa49904591a301e532d17f58c0665cf	ELSA-2016-0493	ol6_x86_64_latest_archive
	krb5-server-1.10.3-37.el6_6.x86_64.rpm	acbb82187e780333884635c9aa99090fc73d9028eb663bc88264544c90548da3	ELSA-2016-0493	ol6_u6_x86_64_patch
	krb5-server-1.10.3-37.el6_6.x86_64.rpm	acbb82187e780333884635c9aa99090fc73d9028eb663bc88264544c90548da3	ELSA-2016-0493	ol6_x86_64_latest_archive
	krb5-server-ldap-1.10.3-37.el6_6.i686.rpm	b0918eae7aafc0fcc5f78bf0816585f433ca8f94d8aea25ce24509a43149c79d	ELSA-2016-0493	ol6_u6_x86_64_patch
	krb5-server-ldap-1.10.3-37.el6_6.i686.rpm	b0918eae7aafc0fcc5f78bf0816585f433ca8f94d8aea25ce24509a43149c79d	ELSA-2016-0493	ol6_x86_64_latest_archive
	krb5-server-ldap-1.10.3-37.el6_6.x86_64.rpm	04200647eb777e5972b579d140b8b6a94291f6b7204829a0134afccc3a41d8bb	ELSA-2016-0493	ol6_u6_x86_64_patch
	krb5-server-ldap-1.10.3-37.el6_6.x86_64.rpm	04200647eb777e5972b579d140b8b6a94291f6b7204829a0134afccc3a41d8bb	ELSA-2016-0493	ol6_x86_64_latest_archive
	krb5-workstation-1.10.3-37.el6_6.x86_64.rpm	976286dbd9ad18c5f4274daf2d9cbf051bb2808031aafad37207f2a8d2ca2a07	ELSA-2016-0493	ol6_u6_x86_64_patch
	krb5-workstation-1.10.3-37.el6_6.x86_64.rpm	976286dbd9ad18c5f4274daf2d9cbf051bb2808031aafad37207f2a8d2ca2a07	ELSA-2016-0493	ol6_x86_64_latest_archive

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team