[SECURITY] Fedora 30 Update: krb5-1.17-15.fc30

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-320a5a6a68 2019-09-30 01:00:06.441810 -------------------------------------------------------------------------------- Name : krb5 Product : Fedora 30 Version : 1.17 Release : 15.fc30 URL : http://web.mit.edu/kerberos/www/ Summary : The Kerberos network authentication system Description : Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form. -------------------------------------------------------------------------------- Update Information: Fix KDC crash when logging PKINIT enctypes (CVE-2019-14844) This is a purely denial-of-service issue, though it is unauthenticated, and is unlikely to trigger by accident. -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 25 2019 Robbie Harwood <rharwood(a)redhat.com&gt; - 1.17-15 - Fix KDC crash when logging PKINIT enctypes (CVE-2019-14844) * Wed Apr 24 2019 Robbie Harwood <rharwood(a)redhat.com&gt; - 1.17-14 - Add dns_canonicalize_hostname=fallback support * Wed Apr 24 2019 Robbie Harwood <rharwood(a)redhat.com&gt; - 1.17-13 - Check more errors in OpenSSL crypto backend * Mon Apr 22 2019 Robbie Harwood <rharwood(a)redhat.com&gt; - 1.17-12 - Fix potential close(-1) in cc_file.c * Wed Apr 17 2019 Robbie Harwood <rharwood(a)redhat.com&gt; - 1.17-11 - Remove ovsec_adm_export and confvalidator * Wed Apr 17 2019 Robbie Harwood <rharwood(a)redhat.com&gt; - 1.17-10 - Fix config realm change logic in FILE remove_cred * Thu Apr 11 2019 Robbie Harwood <rharwood(a)redhat.com&gt; - 1.17-9 - Remove Kerberos v4 support vestiges (including ktany support) * Thu Apr 11 2019 Robbie Harwood <rharwood(a)redhat.com&gt; - 1.17-8 - Implement krb5_cc_remove_cred for remaining types - Resolves: #1693836 * Mon Apr 1 2019 Robbie Harwood <rharwood(a)redhat.com&gt; - 1.17-7 - FIPS-aware SPAKE group negotiation * Mon Feb 25 2019 Robbie Harwood <rharwood(a)redhat.com&gt; - 1.17-6 - Fix memory leak in 'none' replay cache type - Silence a coverity warning while we're here. -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-320a5a6a68' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------