Oval Definition: oval:com.redhat.rhsa:def:20100423
Revision Date: 2010-05-18
Version: 636
Title: RHSA-2010:0423: krb5 security update (Important)
Description: Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third party, the Key Distribution Center (KDC).

  • A NULL pointer dereference flaw was discovered in the MIT Kerberos Generic Security Service Application Program Interface (GSS-API) library. A remote, authenticated attacker could use this flaw to crash any server application using the GSS-API authentication mechanism, by sending a specially-crafted GSS-API token with a missing checksum field. (CVE-2010-1321)

    Red Hat would like to thank the MIT Kerberos Team for responsibly reporting this issue. Upstream acknowledges Shawn Emery of Oracle as the original reporter.

    All krb5 users should upgrade to these updated packages, which contain a backported patch to correct this issue. All running services using the MIT Kerberos libraries must be restarted for the update to take effect.
  • Family: unix
    Class: patch
    Status:
    Reference(s): CVE-2010-1321
    RHSA-2010:0423
    RHSA-2010:0423-01
    Platform(s): Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    Product(s):
  • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
      • Red Hat Enterprise Linux 3 is installed
      • AND
          • krb5-server is earlier than 0:1.2.7-72 AND krb5-server is signed with Red Hat master key
          • krb5-devel is earlier than 0:1.2.7-72 AND krb5-devel is signed with Red Hat master key
          • krb5-workstation is earlier than 0:1.2.7-72 AND krb5-workstation is signed with Red Hat master key
          • krb5-libs is earlier than 0:1.2.7-72 AND krb5-libs is signed with Red Hat master key
  • OR Package Information
      • Red Hat Enterprise Linux 4 is installed
      • AND
          • krb5-libs is earlier than 0:1.3.4-62.el4_8.2 AND krb5-libs is signed with Red Hat master key
          • krb5-devel is earlier than 0:1.3.4-62.el4_8.2 AND krb5-devel is signed with Red Hat master key
          • krb5-workstation is earlier than 0:1.3.4-62.el4_8.2 AND krb5-workstation is signed with Red Hat master key
          • krb5-server is earlier than 0:1.3.4-62.el4_8.2 AND krb5-server is signed with Red Hat master key
  • OR Package Information
      • Red Hat Enterprise Linux 5 is installed
      • AND
          • krb5-libs is earlier than 0:1.6.1-36.el5_5.4 AND krb5-libs is signed with Red Hat redhatrelease key
          • krb5-devel is earlier than 0:1.6.1-36.el5_5.4 AND krb5-devel is signed with Red Hat redhatrelease key
          • krb5-server is earlier than 0:1.6.1-36.el5_5.4 AND krb5-server is signed with Red Hat redhatrelease key
          • krb5-workstation is earlier than 0:1.6.1-36.el5_5.4 AND krb5-workstation is signed with Red Hat redhatrelease key
  • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
      • Red Hat Enterprise Linux 4 is installed
      • AND
          • krb5-devel is earlier than 0:1.3.4-62.el4_8.2 AND krb5-devel is signed with Red Hat redhatrelease2 key
          • krb5-libs is earlier than 0:1.3.4-62.el4_8.2 AND krb5-libs is signed with Red Hat redhatrelease2 key
          • krb5-server is earlier than 0:1.3.4-62.el4_8.2 AND krb5-server is signed with Red Hat redhatrelease2 key
          • krb5-workstation is earlier than 0:1.3.4-62.el4_8.2 AND krb5-workstation is signed with Red Hat redhatrelease2 key
  • OR Package Information
      • Red Hat Enterprise Linux 5 is installed
      • AND
          • krb5-devel is earlier than 0:1.6.1-36.el5_5.4 AND krb5-devel is signed with Red Hat redhatrelease2 key
          • krb5-libs is earlier than 0:1.6.1-36.el5_5.4 AND krb5-libs is signed with Red Hat redhatrelease2 key
          • krb5-server is earlier than 0:1.6.1-36.el5_5.4 AND krb5-server is signed with Red Hat redhatrelease2 key
          • krb5-workstation is earlier than 0:1.6.1-36.el5_5.4 AND krb5-workstation is signed with Red Hat redhatrelease2 key