--------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-408 2007-04-03 ---------------------------------------------------------------------

Product : Fedora Core 6 Name : krb5 Version : 1.5 Release : 21 Summary : The Kerberos network authentication system. Description : Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords.

--------------------------------------------------------------------- Update Information:

This update incorporates fixes for MITKRB5-SA-2007-001 (unauthorized access via telnetd), MITKRB5-SA-2007-002 (buffer overflow in KDC and kadmind logging), and MITKRB5-SA-2007-003 (double-free in kadmind). --------------------------------------------------------------------- * Thu Mar 15 2007 Nalin Dahyabhai nalin@redhat.com 1.5-21 - add patch to fix buffer overflow in krb5kdc and kadmind (#231528, CVE-2007-0957) - add patch to fix double-free in kadmind (#231537, CVE-2007-1216) * Tue Feb 27 2007 Nalin Dahyabhai nalin@redhat.com - 1.5-20 - temporarily back out %post changes, fix for #143289 for security update - add patch to correct unauthorized access via krb5-aware telnet daemon (#229782, CVE-2007-0956) * Thu Jan 25 2007 Nalin Dahyabhai nalin@redhat.com - 1.5-19 - refrain from killing any lingering members of our child's process group when logging that the child process has exited (Jose Plans, #143289) * Mon Jan 22 2007 Nalin Dahyabhai nalin@redhat.com - 1.5-18 - make use of install-info more failsafe (Ville Skyttä, #223704) * Tue Jan 16 2007 Nalin Dahyabhai nalin@redhat.com - 1.5-17 - move to using pregenerated PDF docs to cure multilib conflicts (#222721) * Fri Jan 12 2007 Nalin Dahyabhai nalin@redhat.com - 1.5-16 - update backport of the preauth module interface (part of #194654)

--------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

cc068f79cd7fe62667147cba0b96659ddce60b5b SRPMS/krb5-1.5-21.src.rpm cc068f79cd7fe62667147cba0b96659ddce60b5b noarch/krb5-1.5-21.src.rpm 98c8b325ddb13f3757fb349cd87c3d61c8eec9bf ppc/krb5-workstation-1.5-21.ppc.rpm 9a20b89bdcfabf503926c17b69f09ab345a86ac3 ppc/krb5-devel-1.5-21.ppc.rpm bca3beecb2eb73065de7f79982d3190e50fe5b6b ppc/krb5-server-1.5-21.ppc.rpm 411eecd8de23dd486abd96de14b6b45a0fcb481a ppc/krb5-libs-1.5-21.ppc.rpm 7f423433186622ec45cbff24892e58fd3eb08cd9 ppc/debug/krb5-debuginfo-1.5-21.ppc.rpm a3138abb663b94999499bcc2ffc392710f4782f5 x86_64/debug/krb5-debuginfo-1.5-21.x86_64.rpm 412873d0d6b2ba5b4ac7a60bab868541286ac376 x86_64/krb5-server-1.5-21.x86_64.rpm 59475786c6a7c9702099257fdbd30e1657641da8 x86_64/krb5-workstation-1.5-21.x86_64.rpm 90766b552742d35290b7ac7dca280c1284a5e131 x86_64/krb5-devel-1.5-21.x86_64.rpm 479e1ae2c82899660cc4bcaa8d30fa6b2ad4a32c x86_64/krb5-libs-1.5-21.x86_64.rpm 5440d096e7f74e242c5c2974018f926f2b47e6b9 i386/krb5-workstation-1.5-21.i386.rpm 662953e86cd6f2f9ef8c7b5bf71bb5c76259186a i386/debug/krb5-debuginfo-1.5-21.i386.rpm 6b9fda6d658e97f95a1728e63cbd08b8c8586bed i386/krb5-libs-1.5-21.i386.rpm 4659fe73d50c5542f50bdcf231022fecbfdb677e i386/krb5-server-1.5-21.i386.rpm 5cda24bfe886b33745524085308cf379ae16c216 i386/krb5-devel-1.5-21.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. ---------------------------------------------------------------------