ELSA-2025-9430

ULN >
Oracle Linux Errata repository >
ELSA-2025-9430

ELSA-2025-9430 - krb5 security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2025-06-24

Description

[1.21.1-8.0.1]
- Fixed race condition in krb5_set_password() [Orabug: 33609767]

[1.21.1-9]
- Do not block HMAC-MD4/5 in FIPS mode
Resolves: RHEL-88704
- Don't issue RC4 session keys by default (CVE-2025-3576)
Resolves: RHEL-88048
- Add PKINIT paChecksum2 from MS-PKCA v20230920
Resolves: RHEL-82647

[1.21.1-7]
- Add dedicated tests sub-package

Related CVEs

CVE-2025-3576

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	krb5-1.21.1-8.0.1.el9_6.src.rpm	a833377c291710e14c87ba45eaefaf960ae3ec39d4d17b413773059040ad35d7	-	ol9_aarch64_appstream
	krb5-1.21.1-8.0.1.el9_6.src.rpm	a833377c291710e14c87ba45eaefaf960ae3ec39d4d17b413773059040ad35d7	-	ol9_aarch64_baseos_latest
	krb5-1.21.1-8.0.1.el9_6.src.rpm	a833377c291710e14c87ba45eaefaf960ae3ec39d4d17b413773059040ad35d7	-	ol9_aarch64_u6_baseos_patch
	krb5-devel-1.21.1-8.0.1.el9_6.aarch64.rpm	73aa3467fcf079555c848fa711da62607fc0f55f1ad4efbd7029f5e2ffa701af	-	ol9_aarch64_appstream
	krb5-libs-1.21.1-8.0.1.el9_6.aarch64.rpm	1e2feac73de18f18afce6e140b246d47bccdf1eefce7be51ae4ef5b25a0012f4	-	ol9_aarch64_baseos_latest
	krb5-libs-1.21.1-8.0.1.el9_6.aarch64.rpm	1e2feac73de18f18afce6e140b246d47bccdf1eefce7be51ae4ef5b25a0012f4	-	ol9_aarch64_u6_baseos_patch
	krb5-pkinit-1.21.1-8.0.1.el9_6.aarch64.rpm	ee770a7ab3f0ed316d8c8b3d71d4250d65fdc9060cce85f8197ab0caf9cdb345	-	ol9_aarch64_baseos_latest
	krb5-pkinit-1.21.1-8.0.1.el9_6.aarch64.rpm	ee770a7ab3f0ed316d8c8b3d71d4250d65fdc9060cce85f8197ab0caf9cdb345	-	ol9_aarch64_u6_baseos_patch
	krb5-server-1.21.1-8.0.1.el9_6.aarch64.rpm	b3101b102e70c24c99e21a0ea840397c593696d033ec43147d212d0bd0cc62f5	-	ol9_aarch64_baseos_latest
	krb5-server-1.21.1-8.0.1.el9_6.aarch64.rpm	b3101b102e70c24c99e21a0ea840397c593696d033ec43147d212d0bd0cc62f5	-	ol9_aarch64_u6_baseos_patch
	krb5-server-ldap-1.21.1-8.0.1.el9_6.aarch64.rpm	1177140ece112bb4359706dd8e845fb6c29a9dba8f2619fbf376fdaa931cf2d0	-	ol9_aarch64_baseos_latest
	krb5-server-ldap-1.21.1-8.0.1.el9_6.aarch64.rpm	1177140ece112bb4359706dd8e845fb6c29a9dba8f2619fbf376fdaa931cf2d0	-	ol9_aarch64_u6_baseos_patch
	krb5-workstation-1.21.1-8.0.1.el9_6.aarch64.rpm	5e29c907b5ad52ad28e2f5f5de2e62551836854e81176fb9e3bde3c2595c3790	-	ol9_aarch64_baseos_latest
	krb5-workstation-1.21.1-8.0.1.el9_6.aarch64.rpm	5e29c907b5ad52ad28e2f5f5de2e62551836854e81176fb9e3bde3c2595c3790	-	ol9_aarch64_u6_baseos_patch
	libkadm5-1.21.1-8.0.1.el9_6.aarch64.rpm	0d224f1ba4b39cc8df5ecadaf7e69c0808740d1a15a888f5a102b91ffac8d902	-	ol9_aarch64_baseos_latest
	libkadm5-1.21.1-8.0.1.el9_6.aarch64.rpm	0d224f1ba4b39cc8df5ecadaf7e69c0808740d1a15a888f5a102b91ffac8d902	-	ol9_aarch64_u6_baseos_patch

Oracle Linux 9 (x86_64)	krb5-1.21.1-8.0.1.el9_6.src.rpm	a833377c291710e14c87ba45eaefaf960ae3ec39d4d17b413773059040ad35d7	-	ol9_x86_64_appstream
	krb5-1.21.1-8.0.1.el9_6.src.rpm	a833377c291710e14c87ba45eaefaf960ae3ec39d4d17b413773059040ad35d7	-	ol9_x86_64_baseos_latest
	krb5-1.21.1-8.0.1.el9_6.src.rpm	a833377c291710e14c87ba45eaefaf960ae3ec39d4d17b413773059040ad35d7	-	ol9_x86_64_u6_baseos_patch
	krb5-devel-1.21.1-8.0.1.el9_6.i686.rpm	9d808cddcd01d284db7bbd548d47fd55a812df0b0212796e2e5fb2bbc131f473	-	ol9_x86_64_appstream
	krb5-devel-1.21.1-8.0.1.el9_6.x86_64.rpm	2efd4e094944bdac8cecb82c2384ab32d2a7ab81d64f685214396bfb09e671b1	-	ol9_x86_64_appstream
	krb5-libs-1.21.1-8.0.1.el9_6.i686.rpm	19032f213a2bb9dea9c459c19b8ed334e33caaa8114b78e821e2760458026f51	-	ol9_x86_64_baseos_latest
	krb5-libs-1.21.1-8.0.1.el9_6.i686.rpm	19032f213a2bb9dea9c459c19b8ed334e33caaa8114b78e821e2760458026f51	-	ol9_x86_64_u6_baseos_patch
	krb5-libs-1.21.1-8.0.1.el9_6.x86_64.rpm	13de2d3130298babd291ade3806c358de3210137c328ba3c79a0eaee4a824291	-	ol9_x86_64_baseos_latest
	krb5-libs-1.21.1-8.0.1.el9_6.x86_64.rpm	13de2d3130298babd291ade3806c358de3210137c328ba3c79a0eaee4a824291	-	ol9_x86_64_u6_baseos_patch
	krb5-pkinit-1.21.1-8.0.1.el9_6.i686.rpm	204fec84a5822c73b4438109cd4b62a0d00b30001d816c1d4a507a23d42236c8	-	ol9_x86_64_baseos_latest
	krb5-pkinit-1.21.1-8.0.1.el9_6.i686.rpm	204fec84a5822c73b4438109cd4b62a0d00b30001d816c1d4a507a23d42236c8	-	ol9_x86_64_u6_baseos_patch
	krb5-pkinit-1.21.1-8.0.1.el9_6.x86_64.rpm	4858fbc265fae8f0ac009c83de642a99b9f7c411beb1cb8c925a8fc47e75413e	-	ol9_x86_64_baseos_latest
	krb5-pkinit-1.21.1-8.0.1.el9_6.x86_64.rpm	4858fbc265fae8f0ac009c83de642a99b9f7c411beb1cb8c925a8fc47e75413e	-	ol9_x86_64_u6_baseos_patch
	krb5-server-1.21.1-8.0.1.el9_6.i686.rpm	1173e480bbade6cd533c8aa44718d0971295a1ae7721d2632415ac09c150922e	-	ol9_x86_64_baseos_latest
	krb5-server-1.21.1-8.0.1.el9_6.i686.rpm	1173e480bbade6cd533c8aa44718d0971295a1ae7721d2632415ac09c150922e	-	ol9_x86_64_u6_baseos_patch
	krb5-server-1.21.1-8.0.1.el9_6.x86_64.rpm	b3586dd85bc610acf6e96e5e750e0ced5d8416f5c71fe1e5d2c1f95c824bfbda	-	ol9_x86_64_baseos_latest
	krb5-server-1.21.1-8.0.1.el9_6.x86_64.rpm	b3586dd85bc610acf6e96e5e750e0ced5d8416f5c71fe1e5d2c1f95c824bfbda	-	ol9_x86_64_u6_baseos_patch
	krb5-server-ldap-1.21.1-8.0.1.el9_6.i686.rpm	e864d6b297575b4323c6e28b7091c922aa648effcd34b0b01e2412da54c479c5	-	ol9_x86_64_baseos_latest
	krb5-server-ldap-1.21.1-8.0.1.el9_6.i686.rpm	e864d6b297575b4323c6e28b7091c922aa648effcd34b0b01e2412da54c479c5	-	ol9_x86_64_u6_baseos_patch
	krb5-server-ldap-1.21.1-8.0.1.el9_6.x86_64.rpm	6c3cbece7145c3123acff9a306c7a82f4e8304088016274d470a8b3878b8aa02	-	ol9_x86_64_baseos_latest
	krb5-server-ldap-1.21.1-8.0.1.el9_6.x86_64.rpm	6c3cbece7145c3123acff9a306c7a82f4e8304088016274d470a8b3878b8aa02	-	ol9_x86_64_u6_baseos_patch
	krb5-workstation-1.21.1-8.0.1.el9_6.x86_64.rpm	6e9b5d76b74d11978ddb9d6f3a16e43c3a470c42fa4a706b23eb05abf56d42bc	-	ol9_x86_64_baseos_latest
	krb5-workstation-1.21.1-8.0.1.el9_6.x86_64.rpm	6e9b5d76b74d11978ddb9d6f3a16e43c3a470c42fa4a706b23eb05abf56d42bc	-	ol9_x86_64_u6_baseos_patch
	libkadm5-1.21.1-8.0.1.el9_6.i686.rpm	23956c8085f2f72e094647b7c967c14d69e7516bea963cff6e4b61dbd1d581b2	-	ol9_x86_64_baseos_latest
	libkadm5-1.21.1-8.0.1.el9_6.i686.rpm	23956c8085f2f72e094647b7c967c14d69e7516bea963cff6e4b61dbd1d581b2	-	ol9_x86_64_u6_baseos_patch
	libkadm5-1.21.1-8.0.1.el9_6.x86_64.rpm	6337c34d96095b100e91d1a61c113ea5eba6eeac4890a5606ac263e35dc0b1ba	-	ol9_x86_64_baseos_latest
	libkadm5-1.21.1-8.0.1.el9_6.x86_64.rpm	6337c34d96095b100e91d1a61c113ea5eba6eeac4890a5606ac263e35dc0b1ba	-	ol9_x86_64_u6_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691