--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-2962e58478
2018-01-09 15:17:15.718726
--------------------------------------------------------------------------------
Name : heimdal
Product : Fedora 26
Version : 7.5.0
Release : 1.fc26
URL :
http://www.h5l.org/
Summary : A Kerberos 5 implementation without export restrictions
Description :
Kerberos 5 is a network authentication and single sign-on system.
Heimdal is a free Kerberos 5 implementation without export restrictions
written from the spec (rfc1510 and successors) including advanced features
like thread safety, IPv6, master-slave replication of Kerberos Key
Distribution Center server and support for ticket delegation (S4U2Self,
S4U2Proxy).
This package can coexist with MIT Kerberos 5 packages. Hesiod is disabled
by default since it is deemed too big a security risk by the packager.
--------------------------------------------------------------------------------
Update Information:
Update to 7.5.0 GA release (CVE-2017-17439)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1524546 - CVE-2017-17439 heimdal: NULL pointer dereference via crafted UDP
packets
https://bugzilla.redhat.com/show_bug.cgi?id=1524546
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade heimdal' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------