- 发布:
- 2006-07-20
- 已更新:
- 2006-07-20
RHBA-2006:0404 - Bug Fix Advisory
概述
krb5 bug fix update
类型/严重性
Bug Fix Advisory
标题
Updated krb5 packages are now available for Red Hat Enterprise Linux 3.
This update corrects a crash that could occur if the Kerberos-aware FTP
client was used in PORT mode and contains a backported fix for an issue
that would cause unusual behavior in the krb5_parse_name() function.
描述
Kerberos is a network authentication system in which clients and servers
authenticate to each other with the help of a trusted third party.
FTP clients support two methods for establishing the data connection, which
is used to transfer all data which is not sent over the control connection.
There are two methods by which the data connection can be established,
differentiated by which system initiates the data connection. For
connections where the client accepts a connection from the server ("PORT"
connections), the client would attempt to dereference a NULL pointer and
crash. This update fixes the bug.
The krb5_parse_name() function is used to convert the string representation
of a Kerberos principal name into a krb5_principal structure. When the
string representation of a user's principal did not explicitly include a
realm name, krb5_parse_name() would use the name of the system's default
realm, even if the calling application had previously used the
krb5_set_default_realm() function to override this value. This update
includes a backported fix to address this bug.
Users of krb5 are advised to upgrade to the updated packages, which resolve
these issues.
解决方案
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
受影响的产品
- Red Hat Enterprise Linux Server 3 x86_64
- Red Hat Enterprise Linux Server 3 ia64
- Red Hat Enterprise Linux Server 3 i386
- Red Hat Enterprise Linux Workstation 3 x86_64
- Red Hat Enterprise Linux Workstation 3 ia64
- Red Hat Enterprise Linux Workstation 3 i386
- Red Hat Enterprise Linux Desktop 3 x86_64
- Red Hat Enterprise Linux Desktop 3 i386
- Red Hat Enterprise Linux for IBM z Systems 3 s390x
- Red Hat Enterprise Linux for IBM z Systems 3 s390
- Red Hat Enterprise Linux for Power, big endian 3 ppc
修复
- BZ - 99310 - LTC3487 - ftp causes segmentation fault
- BZ - 117214 - [PATCH] krb5_parse_name() doesn't track changes to default realm
CVE
(none)
参考
(none)
Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/。