Oval Definition:	oval:com.redhat.rhsa:def:20110356
Revision Date: 2011-03-16 Version: 641 Title: RHSA-2011:0356: krb5 security update (Important) Description: Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center (KDC). The Public Key Cryptography for Initial Authentication in Kerberos (PKINIT) capability provides support for using public-key authentication with Kerberos. A double-free flaw was found in the way the MIT Kerberos KDC handled initial authentication requests (AS-REQ), when the KDC was configured to provide the PKINIT capability. A remote attacker could use this flaw to cause the KDC daemon to abort by using a specially-crafted AS-REQ request. (CVE-2011-0284) All krb5 users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the krb5kdc daemon will be restarted automatically. Family: unix Class: patch Status: Reference(s): CVE-2011-0284 CVE-2011-0284 RHSA-2011:0356 RHSA-2011:0356-01 RHSA-2011:0356-01 Platform(s): Red Hat Enterprise Linux 6 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 6 is installed AND krb5-devel is earlier than 0:1.8.2-3.el6_0.6 AND krb5-devel is signed with Red Hat redhatrelease2 key krb5-libs is earlier than 0:1.8.2-3.el6_0.6 AND krb5-libs is signed with Red Hat redhatrelease2 key krb5-pkinit-openssl is earlier than 0:1.8.2-3.el6_0.6 AND krb5-pkinit-openssl is signed with Red Hat redhatrelease2 key krb5-server is earlier than 0:1.8.2-3.el6_0.6 AND krb5-server is signed with Red Hat redhatrelease2 key krb5-server-ldap is earlier than 0:1.8.2-3.el6_0.6 AND krb5-server-ldap is signed with Red Hat redhatrelease2 key krb5-workstation is earlier than 0:1.8.2-3.el6_0.6 AND krb5-workstation is signed with Red Hat redhatrelease2 key
BACK