- Issued:
- 2006-03-21
- Updated:
- 2006-03-21
RHBA-2006:0209 - Bug Fix Advisory
Synopsis
krb5 bug fix update
Type/Severity
Bug Fix Advisory
Topic
Updated krb5 packages that fix a bug are now available.
Description
Kerberos is a network authentication system. The krb5 packages include
libraries, a dialog, server programs, and basic client programs that enable
Kerberos to function.
The krb5_parse_name() function is used to convert the string representation
of a Kerberos principal name into a krb5_principal structure. When the
string representation of a user's principal did not explicitly include a
realm name, krb5_parse_name() used the name of the system's default realm,
even if the calling application had previously used the
krb5_set_default_realm() function to override this value. This bug made it
more difficult for applications such as pam_krb5 to support authenticating
to realms other than the system's default.
Users of krb5 should upgrade to these updated packages, which resolve this
issue.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
Affected Products
- Red Hat Enterprise Linux Server 2 ia64
- Red Hat Enterprise Linux Server 2 i386
- Red Hat Enterprise Linux Workstation 2 ia64
- Red Hat Enterprise Linux Workstation 2 i386
Fixes
- BZ - 179061 - [PATCH] krb5_parse_name() doesn't track changes to default realm
CVEs
(none)
References
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.