- Issued:
- 2011-07-21
- Updated:
- 2011-07-21
RHBA-2011:1016 - Bug Fix Advisory
Synopsis
pam_krb5 bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated pam_krb5 package that fixes various bugs is now available for Red Hat
Enterprise Linux 5.
Description
The pam_krb5 package allows applications which use the Pluggable Authentication
Modules (PAM) framework to perform password-based authentication using Kerberos
5.
This updated pam_krb5 package includes fixes for the following bugs:
- Previously, multiple authentication attempts may have led to a memory leak
when the pam_krb5 module was unloaded. This was caused when the calling
application cleaned up the context it used when interacting with the libpam.
This has been fixed by preventing the module from being unloaded. (BZ#643962)
- An attempt to set a new Kerberos password using the "passwd" command failed
due to a bug which was triggered when the smart card authentication method was
enabled and the card was plugged in. This problem has been fixed and users are
now able to change the Kerberos password. (BZ#713967)
All users of pam_krb5 are advised to upgrade to this updated package, which
resolves these issues.
Solution
Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat
Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 643962 - [NetApp 5.7 bug] Memory leak on PAM for Active Directory users
- BZ - 713967 - Smart card login with Kerberos credential: passwd command does not change the kerberos password.
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
| SRPM | |
|---|---|
| pam_krb5-2.2.14-21.el5.src.rpm | SHA-256: 2aa91b66321aba12e2d1614cb7d0b79be8f9e605b5be407785b4ca34cab4ec85 |
| x86_64 | |
| pam_krb5-2.2.14-21.el5.i386.rpm | SHA-256: 6ece1283985681d2b1fdc8ef101f1cec2f7b5f7d07336c844a5504180181a274 |
| pam_krb5-2.2.14-21.el5.x86_64.rpm | SHA-256: da013ae46cb80c0284375420f4f23112a60509a2847912c523de433303b5f0f4 |
| ia64 | |
| pam_krb5-2.2.14-21.el5.i386.rpm | SHA-256: 6ece1283985681d2b1fdc8ef101f1cec2f7b5f7d07336c844a5504180181a274 |
| pam_krb5-2.2.14-21.el5.ia64.rpm | SHA-256: 454d16d5b07e2cdd068057507b6da62a389308926b12eb64ef6d09eb1f36c0a6 |
| i386 | |
| pam_krb5-2.2.14-21.el5.i386.rpm | SHA-256: 6ece1283985681d2b1fdc8ef101f1cec2f7b5f7d07336c844a5504180181a274 |
Red Hat Enterprise Linux Workstation 5
| SRPM | |
|---|---|
| pam_krb5-2.2.14-21.el5.src.rpm | SHA-256: 2aa91b66321aba12e2d1614cb7d0b79be8f9e605b5be407785b4ca34cab4ec85 |
| x86_64 | |
| pam_krb5-2.2.14-21.el5.i386.rpm | SHA-256: 6ece1283985681d2b1fdc8ef101f1cec2f7b5f7d07336c844a5504180181a274 |
| pam_krb5-2.2.14-21.el5.x86_64.rpm | SHA-256: da013ae46cb80c0284375420f4f23112a60509a2847912c523de433303b5f0f4 |
| i386 | |
| pam_krb5-2.2.14-21.el5.i386.rpm | SHA-256: 6ece1283985681d2b1fdc8ef101f1cec2f7b5f7d07336c844a5504180181a274 |
Red Hat Enterprise Linux Desktop 5
| SRPM | |
|---|---|
| pam_krb5-2.2.14-21.el5.src.rpm | SHA-256: 2aa91b66321aba12e2d1614cb7d0b79be8f9e605b5be407785b4ca34cab4ec85 |
| x86_64 | |
| pam_krb5-2.2.14-21.el5.i386.rpm | SHA-256: 6ece1283985681d2b1fdc8ef101f1cec2f7b5f7d07336c844a5504180181a274 |
| pam_krb5-2.2.14-21.el5.x86_64.rpm | SHA-256: da013ae46cb80c0284375420f4f23112a60509a2847912c523de433303b5f0f4 |
| i386 | |
| pam_krb5-2.2.14-21.el5.i386.rpm | SHA-256: 6ece1283985681d2b1fdc8ef101f1cec2f7b5f7d07336c844a5504180181a274 |
Red Hat Enterprise Linux for IBM z Systems 5
| SRPM | |
|---|---|
| pam_krb5-2.2.14-21.el5.src.rpm | SHA-256: 2aa91b66321aba12e2d1614cb7d0b79be8f9e605b5be407785b4ca34cab4ec85 |
| s390x | |
| pam_krb5-2.2.14-21.el5.s390.rpm | SHA-256: 72a25c92839678e751827445c816c81970aa204ffc3399e0f462650a313a2aa3 |
| pam_krb5-2.2.14-21.el5.s390x.rpm | SHA-256: 4d40ec92c2c8530d42f4b7559428f1fa1c33c506456ea2fe31fdad13e700083b |
Red Hat Enterprise Linux for Power, big endian 5
| SRPM | |
|---|---|
| pam_krb5-2.2.14-21.el5.src.rpm | SHA-256: 2aa91b66321aba12e2d1614cb7d0b79be8f9e605b5be407785b4ca34cab4ec85 |
| ppc | |
| pam_krb5-2.2.14-21.el5.ppc.rpm | SHA-256: 5d0bf8e01f3e01b7be323923a9a8d36b8a5d81034337f9c6262e35e9d73f8ec4 |
| pam_krb5-2.2.14-21.el5.ppc64.rpm | SHA-256: 5d2ebe272e999c0c237eac3a9bed388f03b73077eafacf23aab70cdafd1c13a4 |
Red Hat Enterprise Linux Server from RHUI 5
| SRPM | |
|---|---|
| pam_krb5-2.2.14-21.el5.src.rpm | SHA-256: 2aa91b66321aba12e2d1614cb7d0b79be8f9e605b5be407785b4ca34cab4ec85 |
| x86_64 | |
| pam_krb5-2.2.14-21.el5.i386.rpm | SHA-256: 6ece1283985681d2b1fdc8ef101f1cec2f7b5f7d07336c844a5504180181a274 |
| pam_krb5-2.2.14-21.el5.x86_64.rpm | SHA-256: da013ae46cb80c0284375420f4f23112a60509a2847912c523de433303b5f0f4 |
| i386 | |
| pam_krb5-2.2.14-21.el5.i386.rpm | SHA-256: 6ece1283985681d2b1fdc8ef101f1cec2f7b5f7d07336c844a5504180181a274 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
