OVMSA-2015-0054 - krb5 security update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2015-04-09 |
Description
[1.10.3-37]
- fix for CVE-2014-5355 (#1193939) 'krb5: unauthenticated
denial of service in recvauth_common() and others'
[1.10.3-36]
- fix for CVE-2014-5353 (#1174543) 'Fix LDAP misused policy
name crash'
[1.10.3-35]
- Changelog fixes to make errata subsystem happy.
[1.10.3-34]
- fix for CVE-2014-5352 (#1179856) 'gss_process_context_token()
incorrectly frees context (MITKRB5-SA-2015-001)'
- fix for CVE-2014-9421 (#1179857) 'kadmind doubly frees partial
deserialization results (MITKRB5-SA-2015-001)'
- fix for CVE-2014-9422 (#1179861) 'kadmind incorrectly
validates server principal name (MITKRB5-SA-2015-001)'
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle VM 3.3 (x86_64) | krb5-1.10.3-37.el6_6.src.rpm | 2bb8ea661d8eee3aba7d72fe1095be62 | OVMSA-2016-0039 |
| krb5-libs-1.10.3-37.el6_6.x86_64.rpm | a381bd8d9e3498c8628fd81bb8b27fed | OVMSA-2016-0039 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
