ELSA-2018-3071

ULN >
Oracle Linux Errata repository >
ELSA-2018-3071

ELSA-2018-3071 - krb5 security, bug fix, and enhancement update

Type:	SECURITY
Impact:	LOW
Release Date:	2018-11-05

Description

[1.15.1-34]
- In FIPS mode, add plaintext fallback for RC4 usages and taint
- Resolves: #1570600

[1.15.1-33]
- Use SHA-256 instead of MD5 for audit ticket IDs
- Resolves: #1570600

[1.15.1-32]
- Include preauth name in trace output if possible
- Update cert generation scripts to work on modern openssl
- Fix per-request preauth scoping
- Add test case for PKINIT DH renegotiation
- Echo KDC cookies in preauth tryagain
- Fall back to other preauth mechanisms after failures
- Resolves: #1540130

[1.15.1-31]
- Add German translation
- Resolves: #1497301

[1.15.1-30]
- Add default pkinit_anchors value to krb5.conf
- Resolves: #1508081

[1.15.1-29]
- Process profile includedir in sorted order
- Also, ignore dotfiles in included directories
- Resolves: #1539824

[1.15.1-28]
- Exit with status 0 from kadmind
- Resolves: #1373909

[1.15.1-27]
- Continue after KRB5_CC_END in KCM cache iteration
- Resolves: #1563166

[1.15.1-26]
- Merge duplicate subsections in profile library
- Resolves: #1519625

[1.15.1-25]
- Fix service dependencies on network state
- Resolves: #1525232

[1.15.1-24]
- Explicitly use openssl rather than builtin crypto
- Resolves: #1570600

[1.15.1-23]
- Fix flaws in LDAP DN checking (CVE-2018-5729, CVE-2018-5730)
- Resolves: #1562684
- Resolves: #1562679

[1.15.1-22]
- Fix segfault in finish_dispatch()
- Resolves: #1568970

[1.15.1-21]
- Unparse SANs with NO_REALM
- Resolves: #1482457

[1.15.1-20]
- Fix hex conversion of PKINIT certid strings
- Resolves: #1538491

Related CVEs

CVE-2018-5729

CVE-2018-5730

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	krb5-1.15.1-34.el7.src.rpm	a6bda1d97ffe2d69498244c86c9193598ab1cc7bcad4bfbeb30a1f46e54bdc6a	ELSA-2025-1352	ol7_aarch64_latest
	krb5-devel-1.15.1-34.el7.aarch64.rpm	1be2215ca2099f40b5de30a6c1f31895b3d33a91321f885bcf9f294eb6308613	ELSA-2025-1352	ol7_aarch64_latest
	krb5-libs-1.15.1-34.el7.aarch64.rpm	835a65baa6d3bc469bd42b7f7af58cf9cc4c5e401f17d927136e9df144e48e50	ELSA-2025-1352	ol7_aarch64_latest
	krb5-pkinit-1.15.1-34.el7.aarch64.rpm	ab24ed9feeab906f9be6ea5859a7e842185677b27515b1986978c9339eec7557	ELSA-2025-1352	ol7_aarch64_latest
	krb5-server-1.15.1-34.el7.aarch64.rpm	6604dc5c6444e07b1e1039edc359e9b451b6eee8c5205527c806d19f28013a2f	ELSA-2025-1352	ol7_aarch64_latest
	krb5-server-ldap-1.15.1-34.el7.aarch64.rpm	f8f70d7942eef89f11fa1020fee6cd1e01e84297dbe82a244f7ff0b87d44cd48	ELSA-2025-1352	ol7_aarch64_latest
	krb5-workstation-1.15.1-34.el7.aarch64.rpm	0c2cda3ae3ba47a620647b063f5a4cd983a2f7b6ee3564addc8f912a7d253ac4	ELSA-2025-1352	ol7_aarch64_latest
	libkadm5-1.15.1-34.el7.aarch64.rpm	e535d195526e1cbbf8e48dde8e88797d57c2a7ee00ebf82ea4d3b45b68c2c714	ELSA-2025-1352	ol7_aarch64_latest

Oracle Linux 7 (x86_64)	krb5-1.15.1-34.el7.src.rpm	a6bda1d97ffe2d69498244c86c9193598ab1cc7bcad4bfbeb30a1f46e54bdc6a	ELSA-2025-1352	ol7_x86_64_latest
	krb5-1.15.1-34.el7.src.rpm	a6bda1d97ffe2d69498244c86c9193598ab1cc7bcad4bfbeb30a1f46e54bdc6a	ELSA-2025-1352	ol7_x86_64_u6_base
	krb5-devel-1.15.1-34.el7.i686.rpm	71d9096cf3e5c880d504e98b4270805581bac5c652960feb598178e64ed4a63e	ELSA-2025-1352	ol7_x86_64_latest
	krb5-devel-1.15.1-34.el7.i686.rpm	71d9096cf3e5c880d504e98b4270805581bac5c652960feb598178e64ed4a63e	ELSA-2025-1352	ol7_x86_64_u6_base
	krb5-devel-1.15.1-34.el7.x86_64.rpm	81bb9320cfa6a7d1b599b566ddffbc69877f1af7ebf9febc44e88bdee9940219	ELSA-2025-1352	ol7_x86_64_latest
	krb5-devel-1.15.1-34.el7.x86_64.rpm	81bb9320cfa6a7d1b599b566ddffbc69877f1af7ebf9febc44e88bdee9940219	ELSA-2025-1352	ol7_x86_64_u6_base
	krb5-libs-1.15.1-34.el7.i686.rpm	38899a85d549cc6ecc112c9772a853d2f0eeebddd24656311fc3c9df95a0309f	ELSA-2025-1352	ol7_x86_64_latest
	krb5-libs-1.15.1-34.el7.i686.rpm	38899a85d549cc6ecc112c9772a853d2f0eeebddd24656311fc3c9df95a0309f	ELSA-2025-1352	ol7_x86_64_u6_base
	krb5-libs-1.15.1-34.el7.x86_64.rpm	4ec1e8c12a2723c0aef30c833371d8c84f5143b657a80ee1b02ad6270f5d0c79	ELSA-2025-1352	exadata_dbserver_19.1.1.0.0_x86_64_base
	krb5-libs-1.15.1-34.el7.x86_64.rpm	4ec1e8c12a2723c0aef30c833371d8c84f5143b657a80ee1b02ad6270f5d0c79	ELSA-2025-1352	exadata_dbserver_19.1.2.0.0_x86_64_base
	krb5-libs-1.15.1-34.el7.x86_64.rpm	4ec1e8c12a2723c0aef30c833371d8c84f5143b657a80ee1b02ad6270f5d0c79	ELSA-2025-1352	exadata_dbserver_19.2.0.0.0_x86_64_base
	krb5-libs-1.15.1-34.el7.x86_64.rpm	4ec1e8c12a2723c0aef30c833371d8c84f5143b657a80ee1b02ad6270f5d0c79	ELSA-2025-1352	ol7_x86_64_latest
	krb5-libs-1.15.1-34.el7.x86_64.rpm	4ec1e8c12a2723c0aef30c833371d8c84f5143b657a80ee1b02ad6270f5d0c79	ELSA-2025-1352	ol7_x86_64_u6_base
	krb5-pkinit-1.15.1-34.el7.x86_64.rpm	36fc975125f0d1239c9c87de57cd487147edc9b0aab8351ce1c40e500d3562bb	ELSA-2025-1352	ol7_x86_64_latest
	krb5-pkinit-1.15.1-34.el7.x86_64.rpm	36fc975125f0d1239c9c87de57cd487147edc9b0aab8351ce1c40e500d3562bb	ELSA-2025-1352	ol7_x86_64_u6_base
	krb5-server-1.15.1-34.el7.x86_64.rpm	8808ccb4fa7df9553a74951225b6280533c462a452289be503c52c009df5d73c	ELSA-2025-1352	ol7_x86_64_latest
	krb5-server-1.15.1-34.el7.x86_64.rpm	8808ccb4fa7df9553a74951225b6280533c462a452289be503c52c009df5d73c	ELSA-2025-1352	ol7_x86_64_u6_base
	krb5-server-ldap-1.15.1-34.el7.x86_64.rpm	eed3c6acbc133e2609d964b1e42316d7e73cb4cb2410e5f6b4ddb4fea037c118	ELSA-2025-1352	ol7_x86_64_latest
	krb5-server-ldap-1.15.1-34.el7.x86_64.rpm	eed3c6acbc133e2609d964b1e42316d7e73cb4cb2410e5f6b4ddb4fea037c118	ELSA-2025-1352	ol7_x86_64_u6_base
	krb5-workstation-1.15.1-34.el7.x86_64.rpm	7558d6134561335a82e3e781332d91d7656ab195a04111f8adaa42d3e57c4d5e	ELSA-2025-1352	ol7_x86_64_latest
	krb5-workstation-1.15.1-34.el7.x86_64.rpm	7558d6134561335a82e3e781332d91d7656ab195a04111f8adaa42d3e57c4d5e	ELSA-2025-1352	ol7_x86_64_u6_base
	libkadm5-1.15.1-34.el7.i686.rpm	d5f2f20526d2a36fdfbbdc9dd43109c5e981a7f4c3bfd91a5d0c9aa8afc6ee86	ELSA-2025-1352	ol7_x86_64_latest
	libkadm5-1.15.1-34.el7.i686.rpm	d5f2f20526d2a36fdfbbdc9dd43109c5e981a7f4c3bfd91a5d0c9aa8afc6ee86	ELSA-2025-1352	ol7_x86_64_u6_base
	libkadm5-1.15.1-34.el7.x86_64.rpm	5992160f908bb126f1723095d517f7871695e5e7cddba709f08c1888d7ad6561	ELSA-2025-1352	ol7_x86_64_latest
	libkadm5-1.15.1-34.el7.x86_64.rpm	5992160f908bb126f1723095d517f7871695e5e7cddba709f08c1888d7ad6561	ELSA-2025-1352	ol7_x86_64_u6_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691