Enhancement Advisory: krb5 enhancement update

Advisory: RHEA-2006:0080-9
Type: Product Enhancement Advisory
Severity: N/A
Issued on: 2006-03-15
Last updated on: 2006-03-15
Affected Products: Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
OVAL: N/A

Details

Updated krb5-workstation packages are now available. They correctly
transfer large files using rcp, handle login passwords more than eight
characters long, and reduce potential stalls in the rsh client and server.

Kerberos 5 is a networked authentication system in which clients and
servers authenticate to each other using symmetric keys and a trusted third
party.

The krb5-workstation package contains modified versions of the standard
rsh, rcp, and telnet clients and servers which make use of Kerberos for
authentication and which optionally provide encryption of data which is
sent over the network.

In situations where the rsh client and server are both attempting to send
large amounts of data over the network at the same time, it is possible for
both processes to block while waiting for the other to receive data.

In situations where the file being copied by rcp was larger than 2GB in
size, it would not be transferred correctly.

When falling back to password-based authentication, login would incorrectly
compute the hash of a user's password if it was more than eight characters
long, and would then deny access.

The ksu application was previously installed without the setuid bit set.

Binaries were mistakenly being stripped of debugging information too early
during the package creation process, leaving no useful information for
inclusion in the krb5-debuginfo package.

Users are advised to upgrade to these updated packages, which incorporate
changes which resolve or reduce the likelihood of these occurrences.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Desktop (v. 3)

SRPMS:
krb5-1.2.7-52.src.rpm
File outdated by:  RHSA-2009:0410
    5065ff6105229f427afce134c0d51fe3
 
IA-32:
krb5-devel-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    526164b0a36f1d381d31d76998f77dee
krb5-libs-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    4b9fff6b7859e1dcf9d23ea069a04e6e
krb5-server-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    049c0e8298861b9c68f8d8712045fb1a
krb5-workstation-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    3b3160e5069ea942493717c12b22f0e1
 
x86_64:
krb5-devel-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    b9fdbb76b5991e7ee6594b349ab7c683
krb5-libs-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    4b9fff6b7859e1dcf9d23ea069a04e6e
krb5-libs-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    e5c370d64b7934856b7b277ac63fe9ea
krb5-server-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    b93875eb1fe35bd686f5612b5ada86d4
krb5-workstation-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    096bc45d2276dd5d7b10c30dfb139790
 
Red Hat Enterprise Linux AS (v. 3)

SRPMS:
krb5-1.2.7-52.src.rpm
File outdated by:  RHSA-2009:0410
    5065ff6105229f427afce134c0d51fe3
 
IA-32:
krb5-devel-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    526164b0a36f1d381d31d76998f77dee
krb5-libs-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    4b9fff6b7859e1dcf9d23ea069a04e6e
krb5-server-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    049c0e8298861b9c68f8d8712045fb1a
krb5-workstation-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    3b3160e5069ea942493717c12b22f0e1
 
IA-64:
krb5-devel-1.2.7-52.ia64.rpm
File outdated by:  RHSA-2009:0410
    ea72978e28958e3dcd67277ee5112428
krb5-libs-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    4b9fff6b7859e1dcf9d23ea069a04e6e
krb5-libs-1.2.7-52.ia64.rpm
File outdated by:  RHSA-2009:0410
    59e306aa4b2c10a0f787258f555c1864
krb5-server-1.2.7-52.ia64.rpm
File outdated by:  RHSA-2009:0410
    950fe7db56e3928e335cd7a1bfe7fc13
krb5-workstation-1.2.7-52.ia64.rpm
File outdated by:  RHSA-2009:0410
    1b430d5f9a7a8a43957f53b2205f35b4
 
PPC:
krb5-devel-1.2.7-52.ppc.rpm
File outdated by:  RHSA-2009:0410
    62f46295d4d536526d5eae9f7698f0be
krb5-libs-1.2.7-52.ppc.rpm
File outdated by:  RHSA-2009:0410
    ad9dadb18c3e1972e0f2baeb6f2f549f
krb5-libs-1.2.7-52.ppc64.rpm
File outdated by:  RHSA-2009:0410
    d81515edccd7d44a17db86aeb46faf3d
krb5-server-1.2.7-52.ppc.rpm
File outdated by:  RHSA-2009:0410
    ebac67a6ed2d684760a5c472db5dba79
krb5-workstation-1.2.7-52.ppc.rpm
File outdated by:  RHSA-2009:0410
    24fa366dd696a21fa471251983312da2
 
s390:
krb5-devel-1.2.7-52.s390.rpm
File outdated by:  RHSA-2009:0410
    aab495d87b633ce76650762f1aff1d0c
krb5-libs-1.2.7-52.s390.rpm
File outdated by:  RHSA-2009:0410
    5ed9b2ed3356a1259990ce557806e87d
krb5-server-1.2.7-52.s390.rpm
File outdated by:  RHSA-2009:0410
    22bc2476d95af0aea7da49bf502d5939
krb5-workstation-1.2.7-52.s390.rpm
File outdated by:  RHSA-2009:0410
    e1683299b61cd7ff1aee60233688ef63
 
s390x:
krb5-devel-1.2.7-52.s390x.rpm
File outdated by:  RHSA-2009:0410
    7d52f168b4b38c7028776da1f214e327
krb5-libs-1.2.7-52.s390.rpm
File outdated by:  RHSA-2009:0410
    5ed9b2ed3356a1259990ce557806e87d
krb5-libs-1.2.7-52.s390x.rpm
File outdated by:  RHSA-2009:0410
    662db767e0838feb37ee0e5f051d9865
krb5-server-1.2.7-52.s390x.rpm
File outdated by:  RHSA-2009:0410
    56ef820d7a90a811c2ee5710c191a671
krb5-workstation-1.2.7-52.s390x.rpm
File outdated by:  RHSA-2009:0410
    9c34bf61d843ffe8fb97faff512abf9a
 
x86_64:
krb5-devel-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    b9fdbb76b5991e7ee6594b349ab7c683
krb5-libs-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    4b9fff6b7859e1dcf9d23ea069a04e6e
krb5-libs-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    e5c370d64b7934856b7b277ac63fe9ea
krb5-server-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    b93875eb1fe35bd686f5612b5ada86d4
krb5-workstation-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    096bc45d2276dd5d7b10c30dfb139790
 
Red Hat Enterprise Linux ES (v. 3)

SRPMS:
krb5-1.2.7-52.src.rpm
File outdated by:  RHSA-2009:0410
    5065ff6105229f427afce134c0d51fe3
 
IA-32:
krb5-devel-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    526164b0a36f1d381d31d76998f77dee
krb5-libs-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    4b9fff6b7859e1dcf9d23ea069a04e6e
krb5-server-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    049c0e8298861b9c68f8d8712045fb1a
krb5-workstation-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    3b3160e5069ea942493717c12b22f0e1
 
IA-64:
krb5-devel-1.2.7-52.ia64.rpm
File outdated by:  RHSA-2009:0410
    ea72978e28958e3dcd67277ee5112428
krb5-libs-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    4b9fff6b7859e1dcf9d23ea069a04e6e
krb5-libs-1.2.7-52.ia64.rpm
File outdated by:  RHSA-2009:0410
    59e306aa4b2c10a0f787258f555c1864
krb5-server-1.2.7-52.ia64.rpm
File outdated by:  RHSA-2009:0410
    950fe7db56e3928e335cd7a1bfe7fc13
krb5-workstation-1.2.7-52.ia64.rpm
File outdated by:  RHSA-2009:0410
    1b430d5f9a7a8a43957f53b2205f35b4
 
x86_64:
krb5-devel-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    b9fdbb76b5991e7ee6594b349ab7c683
krb5-libs-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    4b9fff6b7859e1dcf9d23ea069a04e6e
krb5-libs-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    e5c370d64b7934856b7b277ac63fe9ea
krb5-server-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    b93875eb1fe35bd686f5612b5ada86d4
krb5-workstation-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    096bc45d2276dd5d7b10c30dfb139790
 
Red Hat Enterprise Linux WS (v. 3)

SRPMS:
krb5-1.2.7-52.src.rpm
File outdated by:  RHSA-2009:0410
    5065ff6105229f427afce134c0d51fe3
 
IA-32:
krb5-devel-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    526164b0a36f1d381d31d76998f77dee
krb5-libs-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    4b9fff6b7859e1dcf9d23ea069a04e6e
krb5-server-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    049c0e8298861b9c68f8d8712045fb1a
krb5-workstation-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    3b3160e5069ea942493717c12b22f0e1
 
IA-64:
krb5-devel-1.2.7-52.ia64.rpm
File outdated by:  RHSA-2009:0410
    ea72978e28958e3dcd67277ee5112428
krb5-libs-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    4b9fff6b7859e1dcf9d23ea069a04e6e
krb5-libs-1.2.7-52.ia64.rpm
File outdated by:  RHSA-2009:0410
    59e306aa4b2c10a0f787258f555c1864
krb5-server-1.2.7-52.ia64.rpm
File outdated by:  RHSA-2009:0410
    950fe7db56e3928e335cd7a1bfe7fc13
krb5-workstation-1.2.7-52.ia64.rpm
File outdated by:  RHSA-2009:0410
    1b430d5f9a7a8a43957f53b2205f35b4
 
x86_64:
krb5-devel-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    b9fdbb76b5991e7ee6594b349ab7c683
krb5-libs-1.2.7-52.i386.rpm
File outdated by:  RHSA-2009:0410
    4b9fff6b7859e1dcf9d23ea069a04e6e
krb5-libs-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    e5c370d64b7934856b7b277ac63fe9ea
krb5-server-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    b93875eb1fe35bd686f5612b5ada86d4
krb5-workstation-1.2.7-52.x86_64.rpm
File outdated by:  RHSA-2009:0410
    096bc45d2276dd5d7b10c30dfb139790
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

149476 - Telnet Daemon provided by krb5-workstation does not process logins with passwords longer than 8 Characters
165032 - kerberized rcp can't copy files over 2GB
171680 - -debuginfo packages useless because make install strips


Keywords

krb5, ksu, largefiles, login, password, rcp, rsh, rshd


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/