- Issued:
- 2014-10-13
- Updated:
- 2014-10-13
RHBA-2014:1557 - Bug Fix Advisory
Synopsis
mod_auth_kerb bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated mod_auth_kerb packages that fix several bugs are now available for Red
Hat Enterprise Linux 6.
Description
The mod_auth_kerb packages provide a module for the Apache HTTP Server designed
to provide Kerberos authentication over HTTP. The module supports the Negotiate
authentication method, which performs full Kerberos authentication based on
ticket exchanges.
This update fixes the following bugs:
- This update adds the missing description of the "KrbLocalUserMapping" option
to the README file. (BZ#970678)
- Previously, the mod_auth_kerb module was not compatible with the way certain
browsers, such as Mozilla Firefox, handled an expired Kerberos ticket. As a
consequence, opening a Kerberos-protected page in these browsers with an expired
Kerberos ticket caused mod_auth_kerb to fail. With this update, the error in
mod_auth_kerb has been addressed and the mentioned problem no longer occurs.
(BZ#981248)
- Due to a bug in the underlying source code, when the "S4U2Proxy" extension was
configured, the mod_auth_kerb module did not renew tickets that were not valid
yet. This update applies a patch to fix this bug and the tickets are now
correctly renewed as expected. (BZ#1050015)
Users of mod_auth_kerb are advised to upgrade to these updated packages, which
fix these bugs.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
Affected Products
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Server 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
- Red Hat Enterprise Linux Workstation 6 i386
- Red Hat Enterprise Linux Desktop 6 x86_64
- Red Hat Enterprise Linux Desktop 6 i386
- Red Hat Enterprise Linux for IBM z Systems 6 s390x
- Red Hat Enterprise Linux for Power, big endian 6 ppc64
- Red Hat Enterprise Linux for Scientific Computing 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x
Fixes
- BZ - 970678 - Document the KrbLocalUserMapping option in README
CVEs
(none)
References
(none)
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Server 6
| SRPM | |
|---|---|
| mod_auth_kerb-5.4-13.el6.src.rpm | SHA-256: a6e0388bccf8f3a70a2eaeeeda8acd37e99f18384c091496328e41059b69aef3 |
| x86_64 | |
| mod_auth_kerb-5.4-13.el6.x86_64.rpm | SHA-256: a81080e53c39f2d974809e262d80bda3942fa58b8c176c56c247ae030d5d97d1 |
| mod_auth_kerb-5.4-13.el6.x86_64.rpm | SHA-256: a81080e53c39f2d974809e262d80bda3942fa58b8c176c56c247ae030d5d97d1 |
| mod_auth_kerb-debuginfo-5.4-13.el6.x86_64.rpm | SHA-256: f530546cf755bdb96f1ce6c801f24cd2a41c86625d166f8be0c7f10b7b8d119e |
| mod_auth_kerb-debuginfo-5.4-13.el6.x86_64.rpm | SHA-256: f530546cf755bdb96f1ce6c801f24cd2a41c86625d166f8be0c7f10b7b8d119e |
| i386 | |
| mod_auth_kerb-5.4-13.el6.i686.rpm | SHA-256: 44c6832c1b918b2ab188b1f9dc0c94bc5fcd1ebe3d63fe435cc0bc1021245889 |
| mod_auth_kerb-debuginfo-5.4-13.el6.i686.rpm | SHA-256: 6191446b89c469267613ded7636dd1a5ccf7461d1598e1a33ee1679625f1523d |
Red Hat Enterprise Linux Server from RHUI 6
| SRPM | |
|---|---|
| mod_auth_kerb-5.4-13.el6.src.rpm | SHA-256: a6e0388bccf8f3a70a2eaeeeda8acd37e99f18384c091496328e41059b69aef3 |
| x86_64 | |
| mod_auth_kerb-5.4-13.el6.x86_64.rpm | SHA-256: a81080e53c39f2d974809e262d80bda3942fa58b8c176c56c247ae030d5d97d1 |
| mod_auth_kerb-debuginfo-5.4-13.el6.x86_64.rpm | SHA-256: f530546cf755bdb96f1ce6c801f24cd2a41c86625d166f8be0c7f10b7b8d119e |
| i386 | |
| mod_auth_kerb-5.4-13.el6.i686.rpm | SHA-256: 44c6832c1b918b2ab188b1f9dc0c94bc5fcd1ebe3d63fe435cc0bc1021245889 |
| mod_auth_kerb-debuginfo-5.4-13.el6.i686.rpm | SHA-256: 6191446b89c469267613ded7636dd1a5ccf7461d1598e1a33ee1679625f1523d |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6
| SRPM | |
|---|---|
| mod_auth_kerb-5.4-13.el6.src.rpm | SHA-256: a6e0388bccf8f3a70a2eaeeeda8acd37e99f18384c091496328e41059b69aef3 |
| x86_64 | |
| mod_auth_kerb-5.4-13.el6.x86_64.rpm | SHA-256: a81080e53c39f2d974809e262d80bda3942fa58b8c176c56c247ae030d5d97d1 |
| mod_auth_kerb-debuginfo-5.4-13.el6.x86_64.rpm | SHA-256: f530546cf755bdb96f1ce6c801f24cd2a41c86625d166f8be0c7f10b7b8d119e |
| i386 | |
| mod_auth_kerb-5.4-13.el6.i686.rpm | SHA-256: 44c6832c1b918b2ab188b1f9dc0c94bc5fcd1ebe3d63fe435cc0bc1021245889 |
| mod_auth_kerb-debuginfo-5.4-13.el6.i686.rpm | SHA-256: 6191446b89c469267613ded7636dd1a5ccf7461d1598e1a33ee1679625f1523d |
Red Hat Enterprise Linux Workstation 6
| SRPM | |
|---|---|
| mod_auth_kerb-5.4-13.el6.src.rpm | SHA-256: a6e0388bccf8f3a70a2eaeeeda8acd37e99f18384c091496328e41059b69aef3 |
| x86_64 | |
| mod_auth_kerb-5.4-13.el6.x86_64.rpm | SHA-256: a81080e53c39f2d974809e262d80bda3942fa58b8c176c56c247ae030d5d97d1 |
| mod_auth_kerb-debuginfo-5.4-13.el6.x86_64.rpm | SHA-256: f530546cf755bdb96f1ce6c801f24cd2a41c86625d166f8be0c7f10b7b8d119e |
| i386 | |
| mod_auth_kerb-5.4-13.el6.i686.rpm | SHA-256: 44c6832c1b918b2ab188b1f9dc0c94bc5fcd1ebe3d63fe435cc0bc1021245889 |
| mod_auth_kerb-debuginfo-5.4-13.el6.i686.rpm | SHA-256: 6191446b89c469267613ded7636dd1a5ccf7461d1598e1a33ee1679625f1523d |
Red Hat Enterprise Linux Desktop 6
| SRPM | |
|---|---|
| mod_auth_kerb-5.4-13.el6.src.rpm | SHA-256: a6e0388bccf8f3a70a2eaeeeda8acd37e99f18384c091496328e41059b69aef3 |
| x86_64 | |
| mod_auth_kerb-5.4-13.el6.x86_64.rpm | SHA-256: a81080e53c39f2d974809e262d80bda3942fa58b8c176c56c247ae030d5d97d1 |
| mod_auth_kerb-debuginfo-5.4-13.el6.x86_64.rpm | SHA-256: f530546cf755bdb96f1ce6c801f24cd2a41c86625d166f8be0c7f10b7b8d119e |
| i386 | |
| mod_auth_kerb-5.4-13.el6.i686.rpm | SHA-256: 44c6832c1b918b2ab188b1f9dc0c94bc5fcd1ebe3d63fe435cc0bc1021245889 |
| mod_auth_kerb-debuginfo-5.4-13.el6.i686.rpm | SHA-256: 6191446b89c469267613ded7636dd1a5ccf7461d1598e1a33ee1679625f1523d |
Red Hat Enterprise Linux for IBM z Systems 6
| SRPM | |
|---|---|
| mod_auth_kerb-5.4-13.el6.src.rpm | SHA-256: a6e0388bccf8f3a70a2eaeeeda8acd37e99f18384c091496328e41059b69aef3 |
| s390x | |
| mod_auth_kerb-5.4-13.el6.s390x.rpm | SHA-256: 0d311b2e6c85fc1618303193ce67d9569996f7f15f47babd7c49e35462b40a03 |
| mod_auth_kerb-debuginfo-5.4-13.el6.s390x.rpm | SHA-256: e7ccb73db8fb31d9bee944f3038285eaa20874622787b286947a643557d048ca |
Red Hat Enterprise Linux for Power, big endian 6
| SRPM | |
|---|---|
| mod_auth_kerb-5.4-13.el6.src.rpm | SHA-256: a6e0388bccf8f3a70a2eaeeeda8acd37e99f18384c091496328e41059b69aef3 |
| ppc64 | |
| mod_auth_kerb-5.4-13.el6.ppc64.rpm | SHA-256: 966583fc292f91b870cec7520468ee92f61021c410a3db64d368c4587b454c8b |
| mod_auth_kerb-debuginfo-5.4-13.el6.ppc64.rpm | SHA-256: 265bb037f3fc390da7d63d30bb045d6e8fd8f4a67b951f03c38271a5fda8a2e5 |
Red Hat Enterprise Linux for Scientific Computing 6
| SRPM | |
|---|---|
| mod_auth_kerb-5.4-13.el6.src.rpm | SHA-256: a6e0388bccf8f3a70a2eaeeeda8acd37e99f18384c091496328e41059b69aef3 |
| x86_64 | |
| mod_auth_kerb-5.4-13.el6.x86_64.rpm | SHA-256: a81080e53c39f2d974809e262d80bda3942fa58b8c176c56c247ae030d5d97d1 |
| mod_auth_kerb-debuginfo-5.4-13.el6.x86_64.rpm | SHA-256: f530546cf755bdb96f1ce6c801f24cd2a41c86625d166f8be0c7f10b7b8d119e |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6
| SRPM | |
|---|---|
| mod_auth_kerb-5.4-13.el6.src.rpm | SHA-256: a6e0388bccf8f3a70a2eaeeeda8acd37e99f18384c091496328e41059b69aef3 |
| s390x | |
| mod_auth_kerb-5.4-13.el6.s390x.rpm | SHA-256: 0d311b2e6c85fc1618303193ce67d9569996f7f15f47babd7c49e35462b40a03 |
| mod_auth_kerb-debuginfo-5.4-13.el6.s390x.rpm | SHA-256: e7ccb73db8fb31d9bee944f3038285eaa20874622787b286947a643557d048ca |
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6
| SRPM | |
|---|---|
| mod_auth_kerb-5.4-13.el6.src.rpm | SHA-256: a6e0388bccf8f3a70a2eaeeeda8acd37e99f18384c091496328e41059b69aef3 |
| x86_64 | |
| mod_auth_kerb-5.4-13.el6.x86_64.rpm | SHA-256: a81080e53c39f2d974809e262d80bda3942fa58b8c176c56c247ae030d5d97d1 |
| mod_auth_kerb-debuginfo-5.4-13.el6.x86_64.rpm | SHA-256: f530546cf755bdb96f1ce6c801f24cd2a41c86625d166f8be0c7f10b7b8d119e |
| i386 | |
| mod_auth_kerb-5.4-13.el6.i686.rpm | SHA-256: 44c6832c1b918b2ab188b1f9dc0c94bc5fcd1ebe3d63fe435cc0bc1021245889 |
| mod_auth_kerb-debuginfo-5.4-13.el6.i686.rpm | SHA-256: 6191446b89c469267613ded7636dd1a5ccf7461d1598e1a33ee1679625f1523d |
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6
| SRPM | |
|---|---|
| mod_auth_kerb-5.4-13.el6.src.rpm | SHA-256: a6e0388bccf8f3a70a2eaeeeda8acd37e99f18384c091496328e41059b69aef3 |
| s390x | |
| mod_auth_kerb-5.4-13.el6.s390x.rpm | SHA-256: 0d311b2e6c85fc1618303193ce67d9569996f7f15f47babd7c49e35462b40a03 |
| mod_auth_kerb-debuginfo-5.4-13.el6.s390x.rpm | SHA-256: e7ccb73db8fb31d9bee944f3038285eaa20874622787b286947a643557d048ca |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
