- Issued:
- 2008-07-24
- Updated:
- 2008-07-24
RHBA-2008:0714 - Bug Fix Advisory
Synopsis
krb5 bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated krb5 packages that fix several bugs are now available.
Description
Kerberos is a network authentication system, which allows clients and
servers to authenticate to each other through the use of symmetric
encryption and a trusted third party: the Key Distribution Center (KDC).
These updated packages fix the following bugs:
- the krb5 init scripts returned certain error codes that did not comply
with guidelines for various causes of failure. In these updated packages,
the init scripts have been updated to more closely conform to
distribution-wide guidelines.
- when a calling application supplied a zero-length password, and a
callback function to the krb5_get_init_creds_password() function, libkrb5
provided that callback function with a zero-length buffer in which to place
answers to any questions being asked. This may have denied users SSH access
if sshd was running with the "PermitEmptyPasswords yes" option configured
in "/etc/ssh/sshd_config". These updated packages included a backported fix
to resolve this issue.
- when replying to an AS request, the KDC incorrectly reported the client's
account expiration time, instead of the client's password expiration time,
frequently causing the client application to display an erroneous warning
to the user.
- due to a packaging error, RPM verification failed. RPM incorrectly
flagged, as a possible problem, that the contents of the "/etc/krb5.conf"
configuration file had changed, despite such changes being both expected
and normal.
Users of krb5 are advised to upgrade to these updated packages, which
resolve these issues.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
Affected Products
- Red Hat Enterprise Linux Server 4 x86_64
- Red Hat Enterprise Linux Server 4 ia64
- Red Hat Enterprise Linux Server 4 i386
- Red Hat Enterprise Linux Workstation 4 x86_64
- Red Hat Enterprise Linux Workstation 4 ia64
- Red Hat Enterprise Linux Workstation 4 i386
- Red Hat Enterprise Linux Desktop 4 x86_64
- Red Hat Enterprise Linux Desktop 4 i386
- Red Hat Enterprise Linux for IBM z Systems 4 s390x
- Red Hat Enterprise Linux for IBM z Systems 4 s390
- Red Hat Enterprise Linux for Power, big endian 4 ppc
Fixes
- BZ - 242501 - Wrong init script
- BZ - 244645 - Problem for ssh for kerberos users with PermitEmptyPasswords yes
- BZ - 327521 - Rpm Verify Fails - krb5.conf needs %verify(not md5 size mtime) in %config
- BZ - 442772 - ftp case directive botches mget when mixed case filenames exit
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 4
SRPM | |
---|---|
krb5-1.3.4-60.el4.src.rpm | SHA-256: ab88dd3bcf3da0ee672bff2cd8bcb5af8880adede198265c862336a00000a1d0 |
x86_64 | |
krb5-devel-1.3.4-60.el4.x86_64.rpm | SHA-256: a41e7dce0216b1e57a1f090a9e5d204e69942537c61e5c436bdd350ba8223b39 |
krb5-devel-1.3.4-60.el4.x86_64.rpm | SHA-256: a41e7dce0216b1e57a1f090a9e5d204e69942537c61e5c436bdd350ba8223b39 |
krb5-libs-1.3.4-60.el4.i386.rpm | SHA-256: d967118b18cd34e62c04f08b1f200b07303147fb0504c7adcb9cd143946a2063 |
krb5-libs-1.3.4-60.el4.i386.rpm | SHA-256: d967118b18cd34e62c04f08b1f200b07303147fb0504c7adcb9cd143946a2063 |
krb5-libs-1.3.4-60.el4.x86_64.rpm | SHA-256: dccc13be5838cee0327e5727ef41721dc0a5c865f110e17f333e5c3b89edc788 |
krb5-libs-1.3.4-60.el4.x86_64.rpm | SHA-256: dccc13be5838cee0327e5727ef41721dc0a5c865f110e17f333e5c3b89edc788 |
krb5-server-1.3.4-60.el4.x86_64.rpm | SHA-256: 19945e19204824f22ccaa8c60db1ed44cb246aba2d9f6c1d86d0ced72f365efa |
krb5-server-1.3.4-60.el4.x86_64.rpm | SHA-256: 19945e19204824f22ccaa8c60db1ed44cb246aba2d9f6c1d86d0ced72f365efa |
krb5-workstation-1.3.4-60.el4.x86_64.rpm | SHA-256: d4d34bc2d1546b6fb6c1ac548ddd28f501186eee9a5569d7d16d175fa0de5292 |
krb5-workstation-1.3.4-60.el4.x86_64.rpm | SHA-256: d4d34bc2d1546b6fb6c1ac548ddd28f501186eee9a5569d7d16d175fa0de5292 |
ia64 | |
krb5-devel-1.3.4-60.el4.ia64.rpm | SHA-256: ac1806d8f6b54e6585d14d548531dd428c5ad903318d8947f4b8f13180805a86 |
krb5-devel-1.3.4-60.el4.ia64.rpm | SHA-256: ac1806d8f6b54e6585d14d548531dd428c5ad903318d8947f4b8f13180805a86 |
krb5-libs-1.3.4-60.el4.i386.rpm | SHA-256: d967118b18cd34e62c04f08b1f200b07303147fb0504c7adcb9cd143946a2063 |
krb5-libs-1.3.4-60.el4.i386.rpm | SHA-256: d967118b18cd34e62c04f08b1f200b07303147fb0504c7adcb9cd143946a2063 |
krb5-libs-1.3.4-60.el4.ia64.rpm | SHA-256: 6ec8f9d364580646bdb9d5dc1978aeadfba0ea171b95974f6a53beadcea644d5 |
krb5-libs-1.3.4-60.el4.ia64.rpm | SHA-256: 6ec8f9d364580646bdb9d5dc1978aeadfba0ea171b95974f6a53beadcea644d5 |
krb5-server-1.3.4-60.el4.ia64.rpm | SHA-256: 98ac4f9ab820af7d449fba6482cb9a8c0df3d1808ea73447dd436a18c9205fef |
krb5-server-1.3.4-60.el4.ia64.rpm | SHA-256: 98ac4f9ab820af7d449fba6482cb9a8c0df3d1808ea73447dd436a18c9205fef |
krb5-workstation-1.3.4-60.el4.ia64.rpm | SHA-256: 459cbb27dffbd3aa33181212bd093a97734edb5a6484db2362798e68ef674ab6 |
krb5-workstation-1.3.4-60.el4.ia64.rpm | SHA-256: 459cbb27dffbd3aa33181212bd093a97734edb5a6484db2362798e68ef674ab6 |
i386 | |
krb5-devel-1.3.4-60.el4.i386.rpm | SHA-256: 1325bb83213c5060f61281ea47bf3694fc79c12510a5f95e4f9fc847d5c6a823 |
krb5-devel-1.3.4-60.el4.i386.rpm | SHA-256: 1325bb83213c5060f61281ea47bf3694fc79c12510a5f95e4f9fc847d5c6a823 |
krb5-libs-1.3.4-60.el4.i386.rpm | SHA-256: d967118b18cd34e62c04f08b1f200b07303147fb0504c7adcb9cd143946a2063 |
krb5-libs-1.3.4-60.el4.i386.rpm | SHA-256: d967118b18cd34e62c04f08b1f200b07303147fb0504c7adcb9cd143946a2063 |
krb5-server-1.3.4-60.el4.i386.rpm | SHA-256: 08da5653ae0f46ceaf4213c3ba8ea10f7252112e8b9987197fc57770e26ef24f |
krb5-server-1.3.4-60.el4.i386.rpm | SHA-256: 08da5653ae0f46ceaf4213c3ba8ea10f7252112e8b9987197fc57770e26ef24f |
krb5-workstation-1.3.4-60.el4.i386.rpm | SHA-256: 2129b9c2ff12bd31c1d3be78cdb008ed1ba5b5ab4857a5ddd86c4cb10c3a8edd |
krb5-workstation-1.3.4-60.el4.i386.rpm | SHA-256: 2129b9c2ff12bd31c1d3be78cdb008ed1ba5b5ab4857a5ddd86c4cb10c3a8edd |
Red Hat Enterprise Linux Workstation 4
SRPM | |
---|---|
krb5-1.3.4-60.el4.src.rpm | SHA-256: ab88dd3bcf3da0ee672bff2cd8bcb5af8880adede198265c862336a00000a1d0 |
x86_64 | |
krb5-devel-1.3.4-60.el4.x86_64.rpm | SHA-256: a41e7dce0216b1e57a1f090a9e5d204e69942537c61e5c436bdd350ba8223b39 |
krb5-libs-1.3.4-60.el4.i386.rpm | SHA-256: d967118b18cd34e62c04f08b1f200b07303147fb0504c7adcb9cd143946a2063 |
krb5-libs-1.3.4-60.el4.x86_64.rpm | SHA-256: dccc13be5838cee0327e5727ef41721dc0a5c865f110e17f333e5c3b89edc788 |
krb5-server-1.3.4-60.el4.x86_64.rpm | SHA-256: 19945e19204824f22ccaa8c60db1ed44cb246aba2d9f6c1d86d0ced72f365efa |
krb5-workstation-1.3.4-60.el4.x86_64.rpm | SHA-256: d4d34bc2d1546b6fb6c1ac548ddd28f501186eee9a5569d7d16d175fa0de5292 |
ia64 | |
krb5-devel-1.3.4-60.el4.ia64.rpm | SHA-256: ac1806d8f6b54e6585d14d548531dd428c5ad903318d8947f4b8f13180805a86 |
krb5-libs-1.3.4-60.el4.i386.rpm | SHA-256: d967118b18cd34e62c04f08b1f200b07303147fb0504c7adcb9cd143946a2063 |
krb5-libs-1.3.4-60.el4.ia64.rpm | SHA-256: 6ec8f9d364580646bdb9d5dc1978aeadfba0ea171b95974f6a53beadcea644d5 |
krb5-server-1.3.4-60.el4.ia64.rpm | SHA-256: 98ac4f9ab820af7d449fba6482cb9a8c0df3d1808ea73447dd436a18c9205fef |
krb5-workstation-1.3.4-60.el4.ia64.rpm | SHA-256: 459cbb27dffbd3aa33181212bd093a97734edb5a6484db2362798e68ef674ab6 |
i386 | |
krb5-devel-1.3.4-60.el4.i386.rpm | SHA-256: 1325bb83213c5060f61281ea47bf3694fc79c12510a5f95e4f9fc847d5c6a823 |
krb5-libs-1.3.4-60.el4.i386.rpm | SHA-256: d967118b18cd34e62c04f08b1f200b07303147fb0504c7adcb9cd143946a2063 |
krb5-server-1.3.4-60.el4.i386.rpm | SHA-256: 08da5653ae0f46ceaf4213c3ba8ea10f7252112e8b9987197fc57770e26ef24f |
krb5-workstation-1.3.4-60.el4.i386.rpm | SHA-256: 2129b9c2ff12bd31c1d3be78cdb008ed1ba5b5ab4857a5ddd86c4cb10c3a8edd |
Red Hat Enterprise Linux Desktop 4
SRPM | |
---|---|
krb5-1.3.4-60.el4.src.rpm | SHA-256: ab88dd3bcf3da0ee672bff2cd8bcb5af8880adede198265c862336a00000a1d0 |
x86_64 | |
krb5-devel-1.3.4-60.el4.x86_64.rpm | SHA-256: a41e7dce0216b1e57a1f090a9e5d204e69942537c61e5c436bdd350ba8223b39 |
krb5-libs-1.3.4-60.el4.i386.rpm | SHA-256: d967118b18cd34e62c04f08b1f200b07303147fb0504c7adcb9cd143946a2063 |
krb5-libs-1.3.4-60.el4.x86_64.rpm | SHA-256: dccc13be5838cee0327e5727ef41721dc0a5c865f110e17f333e5c3b89edc788 |
krb5-server-1.3.4-60.el4.x86_64.rpm | SHA-256: 19945e19204824f22ccaa8c60db1ed44cb246aba2d9f6c1d86d0ced72f365efa |
krb5-workstation-1.3.4-60.el4.x86_64.rpm | SHA-256: d4d34bc2d1546b6fb6c1ac548ddd28f501186eee9a5569d7d16d175fa0de5292 |
i386 | |
krb5-devel-1.3.4-60.el4.i386.rpm | SHA-256: 1325bb83213c5060f61281ea47bf3694fc79c12510a5f95e4f9fc847d5c6a823 |
krb5-libs-1.3.4-60.el4.i386.rpm | SHA-256: d967118b18cd34e62c04f08b1f200b07303147fb0504c7adcb9cd143946a2063 |
krb5-server-1.3.4-60.el4.i386.rpm | SHA-256: 08da5653ae0f46ceaf4213c3ba8ea10f7252112e8b9987197fc57770e26ef24f |
krb5-workstation-1.3.4-60.el4.i386.rpm | SHA-256: 2129b9c2ff12bd31c1d3be78cdb008ed1ba5b5ab4857a5ddd86c4cb10c3a8edd |
Red Hat Enterprise Linux for IBM z Systems 4
SRPM | |
---|---|
krb5-1.3.4-60.el4.src.rpm | SHA-256: ab88dd3bcf3da0ee672bff2cd8bcb5af8880adede198265c862336a00000a1d0 |
s390x | |
krb5-devel-1.3.4-60.el4.s390x.rpm | SHA-256: 352617df6ead54c3e868754dfb49e8c9f693a7a25e77c54d8ffcb36d3d5ed9d7 |
krb5-libs-1.3.4-60.el4.s390.rpm | SHA-256: 09bf958309f675e1387a00f24908ec3abdb02d2dbbd2460ada758d8834bcf6ef |
krb5-libs-1.3.4-60.el4.s390x.rpm | SHA-256: e76e07201acc77efaeb2edec9695383b5a32da824f5dde104e4e19922fff8907 |
krb5-server-1.3.4-60.el4.s390x.rpm | SHA-256: b4a47769253a8c41e581a5bcbcb4a5a0ad5e922595c5a68f781f41ba99f2daa1 |
krb5-workstation-1.3.4-60.el4.s390x.rpm | SHA-256: c2e90b574692a72c9977b9d45ed253c3d30d3c8c463ea1230abe31cf83d5f07e |
s390 | |
krb5-devel-1.3.4-60.el4.s390.rpm | SHA-256: e72b520221e5e954e279c03584c28b8267ed16b3b26a43d14e2216aaaac6a8f1 |
krb5-libs-1.3.4-60.el4.s390.rpm | SHA-256: 09bf958309f675e1387a00f24908ec3abdb02d2dbbd2460ada758d8834bcf6ef |
krb5-server-1.3.4-60.el4.s390.rpm | SHA-256: 380ebc615cb9ddab6d76c638dee0dd73daffc7fcb8446be4a81e37700c9eaed6 |
krb5-workstation-1.3.4-60.el4.s390.rpm | SHA-256: 012f84b662b6ade9144f35abe059f2c22768f750d7f695f91674a8e16c2046f8 |
Red Hat Enterprise Linux for Power, big endian 4
SRPM | |
---|---|
krb5-1.3.4-60.el4.src.rpm | SHA-256: ab88dd3bcf3da0ee672bff2cd8bcb5af8880adede198265c862336a00000a1d0 |
ppc | |
krb5-devel-1.3.4-60.el4.ppc.rpm | SHA-256: 833330a8e3104a2bef6598c559256744746cbfaaca020a30378dad8794a100d3 |
krb5-libs-1.3.4-60.el4.ppc.rpm | SHA-256: 3956a259e7f0daad26303b6826c847b8d8bc52021e0d18b70eb494e2f1862885 |
krb5-libs-1.3.4-60.el4.ppc64.rpm | SHA-256: c195ae7fe06a15359f2d35dd49a2a24047328d750fc9dd1fcd0491fbff1e00cf |
krb5-server-1.3.4-60.el4.ppc.rpm | SHA-256: 47110101903e343716ebd7e29b0aa64151037695c0cede85b23582f283db774a |
krb5-workstation-1.3.4-60.el4.ppc.rpm | SHA-256: 69f1ec7ce90365dc34cfb9d9ed608262b52a3d0dc48b9771d090641d55f2146d |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.