OVMSA-2015-0054 - krb5 security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2015-04-09 |
Description
[1.10.3-37]
- fix for CVE-2014-5355 (#1193939) 'krb5: unauthenticated
denial of service in recvauth_common() and others'
[1.10.3-36]
- fix for CVE-2014-5353 (#1174543) 'Fix LDAP misused policy
name crash'
[1.10.3-35]
- Changelog fixes to make errata subsystem happy.
[1.10.3-34]
- fix for CVE-2014-5352 (#1179856) 'gss_process_context_token()
incorrectly frees context (MITKRB5-SA-2015-001)'
- fix for CVE-2014-9421 (#1179857) 'kadmind doubly frees partial
deserialization results (MITKRB5-SA-2015-001)'
- fix for CVE-2014-9422 (#1179861) 'kadmind incorrectly
validates server principal name (MITKRB5-SA-2015-001)'
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3.3 (x86_64) | krb5-1.10.3-37.el6_6.src.rpm | 5695f9f8b12df2102e24f72c039cdf8c22b7cf13fab98d977d8f8308cf47ba5d | OVMSA-2016-0039 | ovm3_x86_64_3.3_patch |
| krb5-libs-1.10.3-37.el6_6.x86_64.rpm | 2228b679acedb1e056c1d51da4e124fafaecdb3661e7745a1d6835967d4af72a | OVMSA-2016-0039 | ovm3_x86_64_3.3_patch |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
