Skip to navigation

Enhancement Advisory krb5 enhancement update

Advisory: RHEA-2006:0079-11
Type: Product Enhancement Advisory
Severity: N/A
Issued on: 2006-03-07
Last updated on: 2006-03-07
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)

Details

Updated krb5-workstation packages which reduce potential stalls in the
rsh client and server and correctly handle login passwords more than eight
characters long are now available.

Kerberos 5 is a networked authentication system in which clients and
servers authenticate to each other using symmetric keys and a trusted third
party.

The krb5-workstation package contains modified versions of the standard rsh
and telnet clients and servers which make use of Kerberos for
authentication and which optionally provide encryption of data which is
sent over the network.

In situations where the rsh client and server are both attempting to send
large amounts of data over the network at the same time, it is possible for
both processes to block while waiting for the other to receive data.

When falling back to password-based authentication, login would incorrectly
compute the hash of a user's password if it was more than eight characters
long and deny access.

The ksu application was previously installed without the setuid bit set.

Users are advised to upgrade to these updated packages, which incorporate
changes which should reduce the likelihood of these occurrences.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Desktop (v. 4)
SRPMS:
krb5-1.3.4-27.src.rpm
File outdated by:  RHSA-2011:1851		     MD5: eefc333e446a480ae390f0cf62a9a3be
 
IA-32:
krb5-devel-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: 27f11144171b46fc9a06a6ebb91be405
krb5-libs-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: a0eae77cd97a8ee15dacffcba2bca0ff
krb5-server-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: 51f8eb70783efafdc3ee89d408df35d9
krb5-workstation-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: 0518479f2d392584c2eed6b2c6b9baef
 
x86_64:
krb5-devel-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 5c0c8654e8bd3e2bc9f6e2ae16ce8e00
krb5-libs-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: a0eae77cd97a8ee15dacffcba2bca0ff
krb5-libs-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: e0d865de095f42def1f3c91f4204b850
krb5-server-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 9447f4a19a7e7984d22a722adaae75e8
krb5-workstation-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 8dd431e16cb67c858738a9ce0e8f499a
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
krb5-1.3.4-27.src.rpm
File outdated by:  RHSA-2011:1851		     MD5: eefc333e446a480ae390f0cf62a9a3be
 
IA-32:
krb5-devel-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: 27f11144171b46fc9a06a6ebb91be405
krb5-libs-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: a0eae77cd97a8ee15dacffcba2bca0ff
krb5-server-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: 51f8eb70783efafdc3ee89d408df35d9
krb5-workstation-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: 0518479f2d392584c2eed6b2c6b9baef
 
IA-64:
krb5-devel-1.3.4-27.ia64.rpm
File outdated by:  RHSA-2011:1851		     MD5: d2702fa6eb76e408bd3e7460d63b92a8
krb5-libs-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: a0eae77cd97a8ee15dacffcba2bca0ff
krb5-libs-1.3.4-27.ia64.rpm
File outdated by:  RHSA-2011:1851		     MD5: ec9088e0ad997ac1cccf6cfac6b95429
krb5-server-1.3.4-27.ia64.rpm
File outdated by:  RHSA-2011:1851		     MD5: feec1a11af55296257f280b5153171ca
krb5-workstation-1.3.4-27.ia64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 2b653458b6eaea38a4f035f2ebecfb01
 
PPC:
krb5-devel-1.3.4-27.ppc.rpm
File outdated by:  RHSA-2011:1851		     MD5: 1e992184f10379d24763221f5cf1416a
krb5-libs-1.3.4-27.ppc.rpm
File outdated by:  RHSA-2011:1851		     MD5: e4be03df1a5be765d07645395e8174b5
krb5-libs-1.3.4-27.ppc64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 83406bb4a37e179b04fc45b22b747e0d
krb5-server-1.3.4-27.ppc.rpm
File outdated by:  RHSA-2011:1851		     MD5: 8ca5d259f9f05b517ff23a84d08b15bd
krb5-workstation-1.3.4-27.ppc.rpm
File outdated by:  RHSA-2011:1851		     MD5: 80963bec0ad92cb10247852510f400a1
 
s390:
krb5-devel-1.3.4-27.s390.rpm
File outdated by:  RHSA-2011:1851		     MD5: 4cf5427a3ff876ee9c6f05ed966e6037
krb5-libs-1.3.4-27.s390.rpm
File outdated by:  RHSA-2011:1851		     MD5: 6bc361637aeaef5226846ab901158f07
krb5-server-1.3.4-27.s390.rpm
File outdated by:  RHSA-2011:1851		     MD5: e19197d73637ce80d8a476bbab6cd42e
krb5-workstation-1.3.4-27.s390.rpm
File outdated by:  RHSA-2011:1851		     MD5: 8f5b9cc4753499d75a2d273cbafa409d
 
s390x:
krb5-devel-1.3.4-27.s390x.rpm
File outdated by:  RHSA-2011:1851		     MD5: 4143fb6b9ebbefe9321d402df89dd7cd
krb5-libs-1.3.4-27.s390.rpm
File outdated by:  RHSA-2011:1851		     MD5: 6bc361637aeaef5226846ab901158f07
krb5-libs-1.3.4-27.s390x.rpm
File outdated by:  RHSA-2011:1851		     MD5: 455a01e2cc47ec0174fb4a2d717a43c7
krb5-server-1.3.4-27.s390x.rpm
File outdated by:  RHSA-2011:1851		     MD5: 95b6fee2aee07a1d4cca9f99eed42d66
krb5-workstation-1.3.4-27.s390x.rpm
File outdated by:  RHSA-2011:1851		     MD5: 08f1859a848977e8e6a6bbbf5a13c2a1
 
x86_64:
krb5-devel-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 5c0c8654e8bd3e2bc9f6e2ae16ce8e00
krb5-libs-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: a0eae77cd97a8ee15dacffcba2bca0ff
krb5-libs-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: e0d865de095f42def1f3c91f4204b850
krb5-server-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 9447f4a19a7e7984d22a722adaae75e8
krb5-workstation-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 8dd431e16cb67c858738a9ce0e8f499a
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
krb5-1.3.4-27.src.rpm
File outdated by:  RHSA-2011:1851		     MD5: eefc333e446a480ae390f0cf62a9a3be
 
IA-32:
krb5-devel-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: 27f11144171b46fc9a06a6ebb91be405
krb5-libs-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: a0eae77cd97a8ee15dacffcba2bca0ff
krb5-server-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: 51f8eb70783efafdc3ee89d408df35d9
krb5-workstation-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: 0518479f2d392584c2eed6b2c6b9baef
 
IA-64:
krb5-devel-1.3.4-27.ia64.rpm
File outdated by:  RHSA-2011:1851		     MD5: d2702fa6eb76e408bd3e7460d63b92a8
krb5-libs-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: a0eae77cd97a8ee15dacffcba2bca0ff
krb5-libs-1.3.4-27.ia64.rpm
File outdated by:  RHSA-2011:1851		     MD5: ec9088e0ad997ac1cccf6cfac6b95429
krb5-server-1.3.4-27.ia64.rpm
File outdated by:  RHSA-2011:1851		     MD5: feec1a11af55296257f280b5153171ca
krb5-workstation-1.3.4-27.ia64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 2b653458b6eaea38a4f035f2ebecfb01
 
x86_64:
krb5-devel-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 5c0c8654e8bd3e2bc9f6e2ae16ce8e00
krb5-libs-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: a0eae77cd97a8ee15dacffcba2bca0ff
krb5-libs-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: e0d865de095f42def1f3c91f4204b850
krb5-server-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 9447f4a19a7e7984d22a722adaae75e8
krb5-workstation-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 8dd431e16cb67c858738a9ce0e8f499a
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
krb5-1.3.4-27.src.rpm
File outdated by:  RHSA-2011:1851		     MD5: eefc333e446a480ae390f0cf62a9a3be
 
IA-32:
krb5-devel-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: 27f11144171b46fc9a06a6ebb91be405
krb5-libs-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: a0eae77cd97a8ee15dacffcba2bca0ff
krb5-server-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: 51f8eb70783efafdc3ee89d408df35d9
krb5-workstation-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: 0518479f2d392584c2eed6b2c6b9baef
 
IA-64:
krb5-devel-1.3.4-27.ia64.rpm
File outdated by:  RHSA-2011:1851		     MD5: d2702fa6eb76e408bd3e7460d63b92a8
krb5-libs-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: a0eae77cd97a8ee15dacffcba2bca0ff
krb5-libs-1.3.4-27.ia64.rpm
File outdated by:  RHSA-2011:1851		     MD5: ec9088e0ad997ac1cccf6cfac6b95429
krb5-server-1.3.4-27.ia64.rpm
File outdated by:  RHSA-2011:1851		     MD5: feec1a11af55296257f280b5153171ca
krb5-workstation-1.3.4-27.ia64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 2b653458b6eaea38a4f035f2ebecfb01
 
x86_64:
krb5-devel-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 5c0c8654e8bd3e2bc9f6e2ae16ce8e00
krb5-libs-1.3.4-27.i386.rpm
File outdated by:  RHSA-2011:1851		     MD5: a0eae77cd97a8ee15dacffcba2bca0ff
krb5-libs-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: e0d865de095f42def1f3c91f4204b850
krb5-server-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 9447f4a19a7e7984d22a722adaae75e8
krb5-workstation-1.3.4-27.x86_64.rpm
File outdated by:  RHSA-2011:1851		     MD5: 8dd431e16cb67c858738a9ce0e8f499a
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

174782 - Telnet Daemon provided by krb5-workstation does not process logins with passwords longer then 8 Characters


Keywords

krb5, ksu, login, password, rsh, rshd

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/