ELSA-2025-7067

ULN >
Oracle Linux Errata repository >
ELSA-2025-7067

ELSA-2025-7067 - krb5 security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2025-05-16

Description

[1.21.1-6.0.1]
- Fixed race condition in krb5_set_password() [Orabug: 33609767]

[1.21.1-6]
- Prevent overflow when calculating ulog block size (CVE-2025-24528)
Resolves: RHEL-76759

[1.21.1-5]
- Support PKCS11 EC client certs in PKINIT
Resolves: RHEL-74374
- kdb5_util: fix DB entry flags on modification
Resolves: RHEL-56059
- Add ECDH support for PKINIT (RFC5349)
Resolves: RHEL-4902

Related CVEs

CVE-2025-24528

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	krb5-1.21.1-6.0.1.el9.src.rpm	0cc7d91cb257d46c5578823facfb6afb08fab153dd2c433aed157c4833831d6d	-	ol9_aarch64_appstream
	krb5-1.21.1-6.0.1.el9.src.rpm	0cc7d91cb257d46c5578823facfb6afb08fab153dd2c433aed157c4833831d6d	-	ol9_aarch64_baseos_latest
	krb5-1.21.1-6.0.1.el9.src.rpm	0cc7d91cb257d46c5578823facfb6afb08fab153dd2c433aed157c4833831d6d	-	ol9_aarch64_u6_baseos_base
	krb5-devel-1.21.1-6.0.1.el9.aarch64.rpm	721153b55f99e552d1060c5350d938a0d2d5a727d0e23a69f587987876767925	-	ol9_aarch64_appstream
	krb5-libs-1.21.1-6.0.1.el9.aarch64.rpm	ec9466688b82d5005840f878541294919364c3758eb85851005f62254755f44b	-	ol9_aarch64_baseos_latest
	krb5-libs-1.21.1-6.0.1.el9.aarch64.rpm	ec9466688b82d5005840f878541294919364c3758eb85851005f62254755f44b	-	ol9_aarch64_u6_baseos_base
	krb5-pkinit-1.21.1-6.0.1.el9.aarch64.rpm	63b9376da136090334af9b945ac12b99bf4be95a6d9ba99cd97e5d7d63363fa3	-	ol9_aarch64_baseos_latest
	krb5-pkinit-1.21.1-6.0.1.el9.aarch64.rpm	63b9376da136090334af9b945ac12b99bf4be95a6d9ba99cd97e5d7d63363fa3	-	ol9_aarch64_u6_baseos_base
	krb5-server-1.21.1-6.0.1.el9.aarch64.rpm	910ecf192a567858295d62719555e54b547d80c1729eaf25f0e9fcab0978f8f6	-	ol9_aarch64_baseos_latest
	krb5-server-1.21.1-6.0.1.el9.aarch64.rpm	910ecf192a567858295d62719555e54b547d80c1729eaf25f0e9fcab0978f8f6	-	ol9_aarch64_u6_baseos_base
	krb5-server-ldap-1.21.1-6.0.1.el9.aarch64.rpm	62cfd5704ae523ad6b2b20f97fa869b5f352b3455a65fd4046246987002135cf	-	ol9_aarch64_baseos_latest
	krb5-server-ldap-1.21.1-6.0.1.el9.aarch64.rpm	62cfd5704ae523ad6b2b20f97fa869b5f352b3455a65fd4046246987002135cf	-	ol9_aarch64_u6_baseos_base
	krb5-workstation-1.21.1-6.0.1.el9.aarch64.rpm	7667d717ba4c77f0c511efb7d09710f9fd5d16e30e7bf4d32ffdd4177c59e19a	-	ol9_aarch64_baseos_latest
	krb5-workstation-1.21.1-6.0.1.el9.aarch64.rpm	7667d717ba4c77f0c511efb7d09710f9fd5d16e30e7bf4d32ffdd4177c59e19a	-	ol9_aarch64_u6_baseos_base
	libkadm5-1.21.1-6.0.1.el9.aarch64.rpm	f95e137063fe8d1c38c31a2c802aa2424ab62cafe6d9c351121786c4bebf0246	-	ol9_aarch64_baseos_latest
	libkadm5-1.21.1-6.0.1.el9.aarch64.rpm	f95e137063fe8d1c38c31a2c802aa2424ab62cafe6d9c351121786c4bebf0246	-	ol9_aarch64_u6_baseos_base

Oracle Linux 9 (x86_64)	krb5-1.21.1-6.0.1.el9.src.rpm	0cc7d91cb257d46c5578823facfb6afb08fab153dd2c433aed157c4833831d6d	-	ol9_x86_64_appstream
	krb5-1.21.1-6.0.1.el9.src.rpm	0cc7d91cb257d46c5578823facfb6afb08fab153dd2c433aed157c4833831d6d	-	ol9_x86_64_baseos_latest
	krb5-1.21.1-6.0.1.el9.src.rpm	0cc7d91cb257d46c5578823facfb6afb08fab153dd2c433aed157c4833831d6d	-	ol9_x86_64_u6_baseos_base
	krb5-devel-1.21.1-6.0.1.el9.i686.rpm	26238f4b6d022a12447f28ef31e408748bde2099bbf22a3f0be9cb3c04edc17b	-	ol9_x86_64_appstream
	krb5-devel-1.21.1-6.0.1.el9.x86_64.rpm	5338f31ebf2b73d4d71d259872f29376046a2e507fa8d5617b6e08846cdea865	-	ol9_x86_64_appstream
	krb5-libs-1.21.1-6.0.1.el9.i686.rpm	e5e4f39851d68231ce607a8b3555aaee63d708601fdb91b7efdc524a9a79041f	-	ol9_x86_64_baseos_latest
	krb5-libs-1.21.1-6.0.1.el9.i686.rpm	e5e4f39851d68231ce607a8b3555aaee63d708601fdb91b7efdc524a9a79041f	-	ol9_x86_64_u6_baseos_base
	krb5-libs-1.21.1-6.0.1.el9.x86_64.rpm	d0b8eb821f5b8b75567defc3371d37b7132f4813f9892fc429644c7ed8f0e737	-	ol9_x86_64_baseos_latest
	krb5-libs-1.21.1-6.0.1.el9.x86_64.rpm	d0b8eb821f5b8b75567defc3371d37b7132f4813f9892fc429644c7ed8f0e737	-	ol9_x86_64_u6_baseos_base
	krb5-pkinit-1.21.1-6.0.1.el9.i686.rpm	0e998ea33f923387e1d7376716ba8b4b62fbb0744fb6b569f8effbf37a1ea692	-	ol9_x86_64_baseos_latest
	krb5-pkinit-1.21.1-6.0.1.el9.i686.rpm	0e998ea33f923387e1d7376716ba8b4b62fbb0744fb6b569f8effbf37a1ea692	-	ol9_x86_64_u6_baseos_base
	krb5-pkinit-1.21.1-6.0.1.el9.x86_64.rpm	b6bf6408814033a4167a1643ee0e3e9c2a9de28c02e33a677effa9c1945b01e2	-	ol9_x86_64_baseos_latest
	krb5-pkinit-1.21.1-6.0.1.el9.x86_64.rpm	b6bf6408814033a4167a1643ee0e3e9c2a9de28c02e33a677effa9c1945b01e2	-	ol9_x86_64_u6_baseos_base
	krb5-server-1.21.1-6.0.1.el9.i686.rpm	7d022711e1ffa6942783e267344e56049cb7174650ef672ecf26e4f8c2af09c6	-	ol9_x86_64_baseos_latest
	krb5-server-1.21.1-6.0.1.el9.i686.rpm	7d022711e1ffa6942783e267344e56049cb7174650ef672ecf26e4f8c2af09c6	-	ol9_x86_64_u6_baseos_base
	krb5-server-1.21.1-6.0.1.el9.x86_64.rpm	127975b7bd9122f3716665f99d2c738720034aef9128958b7a218f3589c75dd0	-	ol9_x86_64_baseos_latest
	krb5-server-1.21.1-6.0.1.el9.x86_64.rpm	127975b7bd9122f3716665f99d2c738720034aef9128958b7a218f3589c75dd0	-	ol9_x86_64_u6_baseos_base
	krb5-server-ldap-1.21.1-6.0.1.el9.i686.rpm	10c1bb6e21856caf05194543287a2af9389fdb8521c6418371e5415057c00f84	-	ol9_x86_64_baseos_latest
	krb5-server-ldap-1.21.1-6.0.1.el9.i686.rpm	10c1bb6e21856caf05194543287a2af9389fdb8521c6418371e5415057c00f84	-	ol9_x86_64_u6_baseos_base
	krb5-server-ldap-1.21.1-6.0.1.el9.x86_64.rpm	6ed3f574b659320f3b54cd9bf7bf0d3be685f094b8664b93ddc6821f5ce9015b	-	ol9_x86_64_baseos_latest
	krb5-server-ldap-1.21.1-6.0.1.el9.x86_64.rpm	6ed3f574b659320f3b54cd9bf7bf0d3be685f094b8664b93ddc6821f5ce9015b	-	ol9_x86_64_u6_baseos_base
	krb5-workstation-1.21.1-6.0.1.el9.x86_64.rpm	a61ef9bbb4c658b18409038bdfa9dff651b955d81f519399211408157277cff0	-	ol9_x86_64_baseos_latest
	krb5-workstation-1.21.1-6.0.1.el9.x86_64.rpm	a61ef9bbb4c658b18409038bdfa9dff651b955d81f519399211408157277cff0	-	ol9_x86_64_u6_baseos_base
	libkadm5-1.21.1-6.0.1.el9.i686.rpm	af2d84e82eeef7654703bfca2cf09c680443978a487ce9c6561d1d953644e1f0	-	ol9_x86_64_baseos_latest
	libkadm5-1.21.1-6.0.1.el9.i686.rpm	af2d84e82eeef7654703bfca2cf09c680443978a487ce9c6561d1d953644e1f0	-	ol9_x86_64_u6_baseos_base
	libkadm5-1.21.1-6.0.1.el9.x86_64.rpm	d4ebd967df01cbab18201e1297765075350846c7c1098f6f95328abe4fb0617c	-	ol9_x86_64_baseos_latest
	libkadm5-1.21.1-6.0.1.el9.x86_64.rpm	d4ebd967df01cbab18201e1297765075350846c7c1098f6f95328abe4fb0617c	-	ol9_x86_64_u6_baseos_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691