- Issued:
- 2010-07-26
- Updated:
- 2010-07-26
RHBA-2010:0560 - Bug Fix Advisory
Synopsis
krb5 bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Kerberos is a trusted-third-party authentication system in which allows clients
and servers to authenticate to each other using symmetric encryption and the
trusted third party, the KDC.
Description
The krb5-workstation includes a utility, ksu, which can be used to grant
privileged shell access to unprivileged users using Kerberos authentication. It
can also be used to grant access to shells running as unprivileged users.
These updated packages resolve the following issues:
- ksu used perform PAM account and session management for the target user after
switching to the privileges of the target user. As a result, if that user did
not have sufficient privileges, some modules which PAM could be configured to
use would not function properly.This update performs PAM account and session
management before assuming the privileges of the target user, fixing these bugs.
(BZ#602967 and BZ#615261)
Users of krb5-workstation are advised to upgrade to these updated packages,
which resolve these issues.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 602967 - ksu with pam occasionally fails
- BZ - 615261 - [RHEL 5.5?] /etc/security/access.conf must be 444 for ksu to function properly
CVEs
(none)
References
(none)
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Server 5
| SRPM | |
|---|---|
| krb5-1.6.1-36.el5_5.5.src.rpm | SHA-256: 4538aa43635447b7ff7309f69ee4d5f8114636cb90eb9ba910b5a8bff4095a53 |
| x86_64 | |
| krb5-devel-1.6.1-36.el5_5.5.i386.rpm | SHA-256: 54eb916371cd509ecf48dc6ac74cda48ee06f55b06a1c83926e7c524f64e2fe0 |
| krb5-devel-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: 51ed21242597bcf0a8b9bbab67ce6006fe3b8fbdb602dc12c7c814a8f053bfca |
| krb5-libs-1.6.1-36.el5_5.5.i386.rpm | SHA-256: c3aef6d6858cd750cba782dc696875f8f60ea2e63cf7ebb6a9e504e518b3dae5 |
| krb5-libs-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: e4135f3c7ec45b970e6ee22671b69f5c2b48b93d789afe388e8c47cdb4f2cf51 |
| krb5-server-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: dfc532e5194a1b74245ee25a223f7c792b42e49786bbb62fa5f482ca94b51f0c |
| krb5-workstation-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: 9b8a5d8e1124a036943854387afc71cae2e03df46c4b8ee200f7adf61be7cdfa |
| ia64 | |
| krb5-devel-1.6.1-36.el5_5.5.ia64.rpm | SHA-256: 9a902c25f2e5caec00d295b752ca3b2d061e0ff6c743ebb481830f0b22c72fc2 |
| krb5-libs-1.6.1-36.el5_5.5.i386.rpm | SHA-256: c3aef6d6858cd750cba782dc696875f8f60ea2e63cf7ebb6a9e504e518b3dae5 |
| krb5-libs-1.6.1-36.el5_5.5.ia64.rpm | SHA-256: 77299e9a34d4cdeed39011f759eac03d03cb62068a39a093843159cc9ad84825 |
| krb5-server-1.6.1-36.el5_5.5.ia64.rpm | SHA-256: ada6e40c19adc31a329b46fb4cc878738d2c9f3a85f432c3a8c901e401318ba4 |
| krb5-workstation-1.6.1-36.el5_5.5.ia64.rpm | SHA-256: 510a83c18c04c077681b1df38b62d0c109f340593f33cbd57dcf8a8471ef8dcb |
| i386 | |
| krb5-devel-1.6.1-36.el5_5.5.i386.rpm | SHA-256: 54eb916371cd509ecf48dc6ac74cda48ee06f55b06a1c83926e7c524f64e2fe0 |
| krb5-libs-1.6.1-36.el5_5.5.i386.rpm | SHA-256: c3aef6d6858cd750cba782dc696875f8f60ea2e63cf7ebb6a9e504e518b3dae5 |
| krb5-server-1.6.1-36.el5_5.5.i386.rpm | SHA-256: 545d373f69c19fb353e5394246801204eb293bd5af41f58c4fca00d72cfdcc71 |
| krb5-workstation-1.6.1-36.el5_5.5.i386.rpm | SHA-256: 7e14e3c2bd0a31df6a84bc662ef48c468024ab8dd09c292daf0d66d60601dd62 |
Red Hat Enterprise Linux Workstation 5
| SRPM | |
|---|---|
| krb5-1.6.1-36.el5_5.5.src.rpm | SHA-256: 4538aa43635447b7ff7309f69ee4d5f8114636cb90eb9ba910b5a8bff4095a53 |
| x86_64 | |
| krb5-devel-1.6.1-36.el5_5.5.i386.rpm | SHA-256: 54eb916371cd509ecf48dc6ac74cda48ee06f55b06a1c83926e7c524f64e2fe0 |
| krb5-devel-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: 51ed21242597bcf0a8b9bbab67ce6006fe3b8fbdb602dc12c7c814a8f053bfca |
| krb5-libs-1.6.1-36.el5_5.5.i386.rpm | SHA-256: c3aef6d6858cd750cba782dc696875f8f60ea2e63cf7ebb6a9e504e518b3dae5 |
| krb5-libs-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: e4135f3c7ec45b970e6ee22671b69f5c2b48b93d789afe388e8c47cdb4f2cf51 |
| krb5-server-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: dfc532e5194a1b74245ee25a223f7c792b42e49786bbb62fa5f482ca94b51f0c |
| krb5-workstation-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: 9b8a5d8e1124a036943854387afc71cae2e03df46c4b8ee200f7adf61be7cdfa |
| i386 | |
| krb5-devel-1.6.1-36.el5_5.5.i386.rpm | SHA-256: 54eb916371cd509ecf48dc6ac74cda48ee06f55b06a1c83926e7c524f64e2fe0 |
| krb5-libs-1.6.1-36.el5_5.5.i386.rpm | SHA-256: c3aef6d6858cd750cba782dc696875f8f60ea2e63cf7ebb6a9e504e518b3dae5 |
| krb5-server-1.6.1-36.el5_5.5.i386.rpm | SHA-256: 545d373f69c19fb353e5394246801204eb293bd5af41f58c4fca00d72cfdcc71 |
| krb5-workstation-1.6.1-36.el5_5.5.i386.rpm | SHA-256: 7e14e3c2bd0a31df6a84bc662ef48c468024ab8dd09c292daf0d66d60601dd62 |
Red Hat Enterprise Linux Desktop 5
| SRPM | |
|---|---|
| krb5-1.6.1-36.el5_5.5.src.rpm | SHA-256: 4538aa43635447b7ff7309f69ee4d5f8114636cb90eb9ba910b5a8bff4095a53 |
| x86_64 | |
| krb5-libs-1.6.1-36.el5_5.5.i386.rpm | SHA-256: c3aef6d6858cd750cba782dc696875f8f60ea2e63cf7ebb6a9e504e518b3dae5 |
| krb5-libs-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: e4135f3c7ec45b970e6ee22671b69f5c2b48b93d789afe388e8c47cdb4f2cf51 |
| krb5-workstation-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: 9b8a5d8e1124a036943854387afc71cae2e03df46c4b8ee200f7adf61be7cdfa |
| i386 | |
| krb5-libs-1.6.1-36.el5_5.5.i386.rpm | SHA-256: c3aef6d6858cd750cba782dc696875f8f60ea2e63cf7ebb6a9e504e518b3dae5 |
| krb5-workstation-1.6.1-36.el5_5.5.i386.rpm | SHA-256: 7e14e3c2bd0a31df6a84bc662ef48c468024ab8dd09c292daf0d66d60601dd62 |
Red Hat Enterprise Linux for IBM z Systems 5
| SRPM | |
|---|---|
| krb5-1.6.1-36.el5_5.5.src.rpm | SHA-256: 4538aa43635447b7ff7309f69ee4d5f8114636cb90eb9ba910b5a8bff4095a53 |
| s390x | |
| krb5-devel-1.6.1-36.el5_5.5.s390.rpm | SHA-256: 1482dde20bf75449dd87c8cffb657dbf7097c70ae49e1eccbe391998e205e856 |
| krb5-devel-1.6.1-36.el5_5.5.s390x.rpm | SHA-256: d0b75922f0797aaf77bf6e2cf03cfc6b330bf0b6a5f141aad41e5c7734a9c4f6 |
| krb5-libs-1.6.1-36.el5_5.5.s390.rpm | SHA-256: d0be7f67ad208ab513172808802383d1ab15c489905943c304a78acf768bb104 |
| krb5-libs-1.6.1-36.el5_5.5.s390x.rpm | SHA-256: 420fce59c66d8ac1221f493fd987c8573284d530ff461696783286b7d6a403d0 |
| krb5-server-1.6.1-36.el5_5.5.s390x.rpm | SHA-256: 8cb6204e67552bf7867929de90270977c9b49354d7f38479ec29f314925d80ab |
| krb5-workstation-1.6.1-36.el5_5.5.s390x.rpm | SHA-256: 09b9ab6cb536ff0bc3b8e3611753698324184d4b1c6f164bd91be4fcd908015e |
Red Hat Enterprise Linux for Power, big endian 5
| SRPM | |
|---|---|
| krb5-1.6.1-36.el5_5.5.src.rpm | SHA-256: 4538aa43635447b7ff7309f69ee4d5f8114636cb90eb9ba910b5a8bff4095a53 |
| ppc | |
| krb5-devel-1.6.1-36.el5_5.5.ppc.rpm | SHA-256: 01a78d3329868b7718a951e5fd8b964c1b0edce43915ff330be819d064d04f98 |
| krb5-devel-1.6.1-36.el5_5.5.ppc64.rpm | SHA-256: 128f066458fbb70958b8dc8da75881ac2f8a8a768da9ac753acf0d5461994e7a |
| krb5-libs-1.6.1-36.el5_5.5.ppc.rpm | SHA-256: 9a07706e852ee65f54c59ff57b534a2064f5c536ae9562fe6325560dbfcecb3b |
| krb5-libs-1.6.1-36.el5_5.5.ppc64.rpm | SHA-256: de5c31bad62e29921662c8d2b34ae665e7a5a1d1af309e3e99840be84004a82c |
| krb5-server-1.6.1-36.el5_5.5.ppc.rpm | SHA-256: f66ad98f2b8fc5947e0308fba92091fbdcac0365699d67137c80f38829a00e65 |
| krb5-workstation-1.6.1-36.el5_5.5.ppc.rpm | SHA-256: e2f1b02b7d0d49139119adf466088ed90f2defd9ca06d4a16140a7520e531dbb |
Red Hat Enterprise Linux Server from RHUI 5
| SRPM | |
|---|---|
| krb5-1.6.1-36.el5_5.5.src.rpm | SHA-256: 4538aa43635447b7ff7309f69ee4d5f8114636cb90eb9ba910b5a8bff4095a53 |
| x86_64 | |
| krb5-devel-1.6.1-36.el5_5.5.i386.rpm | SHA-256: 54eb916371cd509ecf48dc6ac74cda48ee06f55b06a1c83926e7c524f64e2fe0 |
| krb5-devel-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: 51ed21242597bcf0a8b9bbab67ce6006fe3b8fbdb602dc12c7c814a8f053bfca |
| krb5-libs-1.6.1-36.el5_5.5.i386.rpm | SHA-256: c3aef6d6858cd750cba782dc696875f8f60ea2e63cf7ebb6a9e504e518b3dae5 |
| krb5-libs-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: e4135f3c7ec45b970e6ee22671b69f5c2b48b93d789afe388e8c47cdb4f2cf51 |
| krb5-server-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: dfc532e5194a1b74245ee25a223f7c792b42e49786bbb62fa5f482ca94b51f0c |
| krb5-workstation-1.6.1-36.el5_5.5.x86_64.rpm | SHA-256: 9b8a5d8e1124a036943854387afc71cae2e03df46c4b8ee200f7adf61be7cdfa |
| i386 | |
| krb5-devel-1.6.1-36.el5_5.5.i386.rpm | SHA-256: 54eb916371cd509ecf48dc6ac74cda48ee06f55b06a1c83926e7c524f64e2fe0 |
| krb5-libs-1.6.1-36.el5_5.5.i386.rpm | SHA-256: c3aef6d6858cd750cba782dc696875f8f60ea2e63cf7ebb6a9e504e518b3dae5 |
| krb5-server-1.6.1-36.el5_5.5.i386.rpm | SHA-256: 545d373f69c19fb353e5394246801204eb293bd5af41f58c4fca00d72cfdcc71 |
| krb5-workstation-1.6.1-36.el5_5.5.i386.rpm | SHA-256: 7e14e3c2bd0a31df6a84bc662ef48c468024ab8dd09c292daf0d66d60601dd62 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
