|
| View previous topic :: View next topic |
| Author |
Message |
jebba
|
 Posted: Tue Aug 31, 2004 7:46 pm Post subject: SECURITY Update: krb5-* for 10k & 20k |
 |
|
In repository for apt-able goodness.
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-277
2004-08-31
---------------------------------------------------------------------
Product : Fedora Core 2
Name : krb5
Version : 1.3.4
Release : 6
Summary : The Kerberos network authentication system.
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.
---------------------------------------------------------------------
Update Information:
Kerberos is a networked authentication system which uses a trusted
third party (a KDC) to authenticate clients and servers to each
other.
Several double-free bugs were found in the Kerberos 5 KDC and
libraries. A remote attacker could potentially exploit these flaws to
execute arbitrary code. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the names CAN-2004-0642 and
CAN-2004-0643 to these issues.
A double-free bug was also found in the krb524 server
(CAN-2004-0772), however this issue does not affect Fedora Core.
An infinite loop bug was found in the Kerberos 5 ASN.1 decoder
library. A remote attacker may be able to trigger this flaw and cause
a denial of service. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0644 to this issue.
---------------------------------------------------------------------
* Tue Aug 24 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-6
- rebuild
* Tue Aug 24 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-5
- incorporate revised fixes from Tom Yu for CAN-2004-0642, CAN-2004-0644,
CAN-2004-0772
* Mon Aug 23 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-4
- rebuild
* Mon Aug 23 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-3
- incorporate fixes from Tom Yu for CAN-2004-0642, CAN-2004-0772
(MITKRB5-SA-2004-002, #130732)
- incorporate fixes from Tom Yu for CAN-2004-0644 (MITKRB5-SA-2004-003, #130732)
* Tue Jul 27 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-2
- fix indexing error in server sorting patch (#127336)
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Mon Jun 14 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-0.1
- update to 1.3.4 final
* Mon Jun 07 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-0
- update to 1.3.4 beta1
- remove MITKRB5-SA-2004-001, included in 1.3.4
* Mon Jun 07 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-8
- rebuild
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
2b26718a3e533f32a1e98b401a2e21d4 SRPMS/krb5-1.3.4-6.src.rpm
beebe2125e840d9cb4546465b9833d66 x86_64/krb5-devel-1.3.4-6.x86_64.rpm
e00056df9058bed4b00684d2a64ffbe6 x86_64/krb5-libs-1.3.4-6.x86_64.rpm
abe8cf2e80236fb5a6adfa62c6e13240 x86_64/krb5-server-1.3.4-6.x86_64.rpm
11fdd50862bc0379fbfb3d804e59143b x86_64/krb5-workstation-1.3.4-6.x86_64.rpm
a6abcfdeb10910b7b814391c720d2ae7 x86_64/debug/krb5-debuginfo-1.3.4-6.x86_64.rpm
1d720b00203ce00d4c75e3926ee618e4 x86_64/krb5-libs-1.3.4-6.i386.rpm
16d556d502f9d34729bcb166ec209ea8 i386/krb5-devel-1.3.4-6.i386.rpm
1d720b00203ce00d4c75e3926ee618e4 i386/krb5-libs-1.3.4-6.i386.rpm
4534128db2230d8e8f0b76a591e7f7a6 i386/krb5-server-1.3.4-6.i386.rpm
c8f55dbadff7333fdb49b8f39173135b i386/krb5-workstation-1.3.4-6.i386.rpm
0092eed09687bf677aa0ed0c3980ec98 i386/debug/krb5-debuginfo-1.3.4-6.i386.rpm
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-276
2004-08-31
---------------------------------------------------------------------
Product : Fedora Core 1
Name : krb5
Version : 1.3.4
Release : 5
Summary : The Kerberos network authentication system.
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.
---------------------------------------------------------------------
Update Information:
Kerberos is a networked authentication system which uses a trusted
third party (a KDC) to authenticate clients and servers to each
other.
Several double-free bugs were found in the Kerberos 5 KDC and
libraries. A remote attacker could potentially exploit these flaws to
execute arbitrary code. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the names CAN-2004-0642 and
CAN-2004-0643 to these issues.
A double-free bug was also found in the krb524 server
(CAN-2004-0772), however this issue does not affect Fedora Core.
An infinite loop bug was found in the Kerberos 5 ASN.1 decoder
library. A remote attacker may be able to trigger this flaw and cause
a denial of service. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0644 to this issue.
---------------------------------------------------------------------
* Tue Aug 24 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-5
- incorporate revised fixes from Tom Yu for CAN-2004-0642, CAN-2004-0644,
CAN-2004-0772
* Mon Aug 23 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-4
- rebuild
* Mon Aug 23 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-3
- incorporate fixes from Tom Yu for CAN-2004-0642, CAN-2004-0772
(MITKRB5-SA-2004-002, #130732)
- incorporate fixes from Tom Yu for CAN-2004-0644 (MITKRB5-SA-2004-003, #130732)
* Tue Jul 27 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-2
- fix indexing error in server sorting patch (#127336)
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Mon Jun 14 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-0.1
- update to 1.3.4 final
* Mon Jun 07 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.4-0
- update to 1.3.4 beta1
- remove MITKRB5-SA-2004-001, included in 1.3.4
* Mon Jun 07 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.3-8
- rebuild
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
215744598787e8555852a42346523ff0 SRPMS/krb5-1.3.4-5.src.rpm
0bdb0a2c01e7682ac61009e86eb79c92 x86_64/krb5-devel-1.3.4-5.x86_64.rpm
575fa819175d43d6835867acb616da45 x86_64/krb5-libs-1.3.4-5.x86_64.rpm
2417f376a3f96de6514432efd70ba550 x86_64/krb5-server-1.3.4-5.x86_64.rpm
f79c01f71dd81127946c5e951ee3fa70 x86_64/krb5-workstation-1.3.4-5.x86_64.rpm
43fd30f8236c8a05edc726d7a9a318c9 x86_64/debug/krb5-debuginfo-1.3.4-5.x86_64.rpm
90924e3b1aa64f7e0780613e49d97a77 x86_64/krb5-libs-1.3.4-5.i386.rpm
201f89557be28e3cbcf6c7e2d23187d0 i386/krb5-devel-1.3.4-5.i386.rpm
90924e3b1aa64f7e0780613e49d97a77 i386/krb5-libs-1.3.4-5.i386.rpm
0ea73ac3eeb55350d9ae5b2bcdf33059 i386/krb5-server-1.3.4-5.i386.rpm
69ecbbe96b6b900c0a8b5f5d76fffbab i386/krb5-workstation-1.3.4-5.i386.rpm
dfb27688cf0416cb9c051e9df0bbe5ab i386/debug/krb5-debuginfo-1.3.4-5.i386.rpm
|
|
|
 |
|
|
|
