RHBA-2008:0813 - Bug Fix Advisory
pam_krb5 bug fix update
Bug Fix Advisory
Updated pam-krb5 packages that resolve an issue are now available.
The pam_krb5 package contains a pluggable authentication module which
allows PAM-aware applications to use Kerberos 5 to verify a user's password
and to obtain and manage Kerberos credentials associated with a user session.
These updated pam-krb5 packages fix a bug which caused user authentication
to fail under certain circumstances. When authenticating a user, if the
user's password was expired, the module would attempt to obtain
password-changing credentials in order to verify the user's password. When
the module was configured to validate credentials, it would incorrectly
attempt to validate the password-changing credentials, which cannot be
validated in the way that a ticket-granting ticket can. In these updated
packages, an exception is made in this case, thus resolving the issue.
All users of pam-krb5 are advised to upgrade to these updated packages,
which resolve this issue.
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
- Red Hat Enterprise Linux Server 3 x86_64
- Red Hat Enterprise Linux Server 3 ia64
- Red Hat Enterprise Linux Server 3 i386
- Red Hat Enterprise Linux Workstation 3 x86_64
- Red Hat Enterprise Linux Workstation 3 ia64
- Red Hat Enterprise Linux Workstation 3 i386
- Red Hat Enterprise Linux Desktop 3 x86_64
- Red Hat Enterprise Linux Desktop 3 i386
- Red Hat Enterprise Linux for IBM z Systems 3 s390x
- Red Hat Enterprise Linux for IBM z Systems 3 s390
- Red Hat Enterprise Linux for Power, big endian 3 ppc
- BZ - 435168 - User cannot authenticate if the password has been expired and option validate is used.
Red Hat Enterprise Linux Server 3
Red Hat Enterprise Linux Workstation 3
Red Hat Enterprise Linux Desktop 3
Red Hat Enterprise Linux for IBM z Systems 3
Red Hat Enterprise Linux for Power, big endian 3