- Issued:
- 2009-01-20
- Updated:
- 2009-01-20
RHBA-2009:0234 - Bug Fix Advisory
Synopsis
krb5 bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated krb5 packages that resolve several issues are now available.
Description
Kerberos is a network authentication system which allows clients and
servers to authenticate to each other through the use of symmetric
encryption and a trusted third party: the Key Distribution Center (KDC).
These updated krb5 packages provide fixes for the following bugs:
- on a network which used KDC replication, if a client attempted to obtain
initial credentials from a slave KDC using "kinit", and was subsequently
notified that this was not possible because the client's key had expired,
the user would then be prompted to set a new password. However, once the
user had successfully changed their password, the "kinit" command often
failed to obtain initial credentials.
- when attempting to download multiple files using the "mget" command, the
Kerberos-aware FTP client could download files incorrectly if the "case"
option was enabled and the names of the files on the server used a mixture
of upper- and lower-case letters.
- the manual page for the Kerberos-enabled "telnet" client incorrectly
noted that the client could only be suspended when run using the C shell,
when in fact multiple shells can perform the related job-control functions.
The telnet(1) man page has been changed to reflect this fact.
- various servers, such as KDC and the kadmin server, frequently logged
each message to their log files twice.
- In cases where a server application began to sequentially iterate through
the contents of a keytab file, if it paused to call certain functions which
encountered errors, such as krb5_rd_req(), a subsequent call to the
krb5_kt_next_entry() function could then cause the calling application to
crash.
All users of krb5 are advised to upgrade to these updated packages, which
resolve these issues.
Solution
Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 433947 - telnet command "z" can work correctly no matter the user's shell is csh, bash or ksh (manual bug)
- BZ - 434858 - Kerberos double logging
- BZ - 442716 - ftp case directive botches mget when mixed case filenames exit
- BZ - 468729 - krb5_cc_new_unique() fails
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
krb5-1.6.1-31.el5.src.rpm | SHA-256: 07669a00de637bec881fe7d632a27be41d857e5f128b49ddb456e2b5a8acd488 |
x86_64 | |
krb5-devel-1.6.1-31.el5.i386.rpm | SHA-256: 59f4d00d438ebb08f898edc57d0de840ecd37cffa0e68eee0353571ba9ba7c2a |
krb5-devel-1.6.1-31.el5.x86_64.rpm | SHA-256: 4b961fb99447bdcb9a4affb154b47904bc1964a5a12d8dceaa42cebe3666bd6f |
krb5-libs-1.6.1-31.el5.i386.rpm | SHA-256: a33a85bfdefd4458b8665d4630fd19f7e85480a8321b8a77f0977a4f12d99175 |
krb5-libs-1.6.1-31.el5.x86_64.rpm | SHA-256: 5abe103498d23b1356dee37a345a3952595f39b5a68ede268ba5267d73790bb5 |
krb5-server-1.6.1-31.el5.x86_64.rpm | SHA-256: 3b8f44cdedc66faca50e690822adacbda5b2e037bddddf4569470ac985d13efa |
krb5-workstation-1.6.1-31.el5.x86_64.rpm | SHA-256: d5af3f12a3bbb72c44f8d59c0c39f1cb467ccfa7b0241612da5ab6ad44b81ea2 |
ia64 | |
krb5-devel-1.6.1-31.el5.ia64.rpm | SHA-256: 6c125c1b8e55c1dfb3c1932ba2c799763015f25ed1f7a716c581a42432f73cdb |
krb5-libs-1.6.1-31.el5.i386.rpm | SHA-256: a33a85bfdefd4458b8665d4630fd19f7e85480a8321b8a77f0977a4f12d99175 |
krb5-libs-1.6.1-31.el5.ia64.rpm | SHA-256: 946c17ac7de61012600cce380bd915f6eb3430ce2dc5967b6998248e5c9add22 |
krb5-server-1.6.1-31.el5.ia64.rpm | SHA-256: fd0a01dab088b7c7430972552e6351e303952af846ff9b284cdaee68d5eec3eb |
krb5-workstation-1.6.1-31.el5.ia64.rpm | SHA-256: 9b9570deed0e6fc875e1e72a9917925f3ff835f1523fe1c3501a6058b865dc82 |
i386 | |
krb5-devel-1.6.1-31.el5.i386.rpm | SHA-256: 59f4d00d438ebb08f898edc57d0de840ecd37cffa0e68eee0353571ba9ba7c2a |
krb5-libs-1.6.1-31.el5.i386.rpm | SHA-256: a33a85bfdefd4458b8665d4630fd19f7e85480a8321b8a77f0977a4f12d99175 |
krb5-server-1.6.1-31.el5.i386.rpm | SHA-256: a7e02b58f119e823f882945417d660265055fc83b4d61486f58a6e651c8ec1f6 |
krb5-workstation-1.6.1-31.el5.i386.rpm | SHA-256: c402bf04dd21102f351fbd694503d6e2981d0a85187c282186c7f0b0d88f2860 |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
krb5-1.6.1-31.el5.src.rpm | SHA-256: 07669a00de637bec881fe7d632a27be41d857e5f128b49ddb456e2b5a8acd488 |
x86_64 | |
krb5-devel-1.6.1-31.el5.i386.rpm | SHA-256: 59f4d00d438ebb08f898edc57d0de840ecd37cffa0e68eee0353571ba9ba7c2a |
krb5-devel-1.6.1-31.el5.x86_64.rpm | SHA-256: 4b961fb99447bdcb9a4affb154b47904bc1964a5a12d8dceaa42cebe3666bd6f |
krb5-libs-1.6.1-31.el5.i386.rpm | SHA-256: a33a85bfdefd4458b8665d4630fd19f7e85480a8321b8a77f0977a4f12d99175 |
krb5-libs-1.6.1-31.el5.x86_64.rpm | SHA-256: 5abe103498d23b1356dee37a345a3952595f39b5a68ede268ba5267d73790bb5 |
krb5-server-1.6.1-31.el5.x86_64.rpm | SHA-256: 3b8f44cdedc66faca50e690822adacbda5b2e037bddddf4569470ac985d13efa |
krb5-workstation-1.6.1-31.el5.x86_64.rpm | SHA-256: d5af3f12a3bbb72c44f8d59c0c39f1cb467ccfa7b0241612da5ab6ad44b81ea2 |
i386 | |
krb5-devel-1.6.1-31.el5.i386.rpm | SHA-256: 59f4d00d438ebb08f898edc57d0de840ecd37cffa0e68eee0353571ba9ba7c2a |
krb5-libs-1.6.1-31.el5.i386.rpm | SHA-256: a33a85bfdefd4458b8665d4630fd19f7e85480a8321b8a77f0977a4f12d99175 |
krb5-server-1.6.1-31.el5.i386.rpm | SHA-256: a7e02b58f119e823f882945417d660265055fc83b4d61486f58a6e651c8ec1f6 |
krb5-workstation-1.6.1-31.el5.i386.rpm | SHA-256: c402bf04dd21102f351fbd694503d6e2981d0a85187c282186c7f0b0d88f2860 |
Red Hat Enterprise Linux Desktop 5
SRPM | |
---|---|
krb5-1.6.1-31.el5.src.rpm | SHA-256: 07669a00de637bec881fe7d632a27be41d857e5f128b49ddb456e2b5a8acd488 |
x86_64 | |
krb5-libs-1.6.1-31.el5.i386.rpm | SHA-256: a33a85bfdefd4458b8665d4630fd19f7e85480a8321b8a77f0977a4f12d99175 |
krb5-libs-1.6.1-31.el5.x86_64.rpm | SHA-256: 5abe103498d23b1356dee37a345a3952595f39b5a68ede268ba5267d73790bb5 |
krb5-workstation-1.6.1-31.el5.x86_64.rpm | SHA-256: d5af3f12a3bbb72c44f8d59c0c39f1cb467ccfa7b0241612da5ab6ad44b81ea2 |
i386 | |
krb5-libs-1.6.1-31.el5.i386.rpm | SHA-256: a33a85bfdefd4458b8665d4630fd19f7e85480a8321b8a77f0977a4f12d99175 |
krb5-workstation-1.6.1-31.el5.i386.rpm | SHA-256: c402bf04dd21102f351fbd694503d6e2981d0a85187c282186c7f0b0d88f2860 |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
krb5-1.6.1-31.el5.src.rpm | SHA-256: 07669a00de637bec881fe7d632a27be41d857e5f128b49ddb456e2b5a8acd488 |
s390x | |
krb5-devel-1.6.1-31.el5.s390.rpm | SHA-256: 71dab3f7ffbed51d338b217c8a14105db36a8727286bce8d50525eec4d2d03bf |
krb5-devel-1.6.1-31.el5.s390x.rpm | SHA-256: d84860c606f70a7196be87610a5cb756bb3d4e0f805e4afb7cc5a5b81ce5cd88 |
krb5-libs-1.6.1-31.el5.s390.rpm | SHA-256: 9d93da87e821c20ba7563f250a824a374547a329c0b3540ba889744656cf8faf |
krb5-libs-1.6.1-31.el5.s390x.rpm | SHA-256: 6fd8a5a5f8ef08c4a0f7ce942882f781f2a70676efce4380867d5828ba39773e |
krb5-server-1.6.1-31.el5.s390x.rpm | SHA-256: 1726dcc77517b7ecab954d601720fd347ad7ee115de3140dba2d74e9913e3b85 |
krb5-workstation-1.6.1-31.el5.s390x.rpm | SHA-256: 1d6ec33053dd5a72661fabb7b2a20c5d97e85f60b97a2f6c62747bc8e1d38301 |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
krb5-1.6.1-31.el5.src.rpm | SHA-256: 07669a00de637bec881fe7d632a27be41d857e5f128b49ddb456e2b5a8acd488 |
ppc | |
krb5-devel-1.6.1-31.el5.ppc.rpm | SHA-256: 7b521dc614612b29ae70d671fa6aa6afc2af1a897eaafa9edda3e7d87eb7b1e5 |
krb5-devel-1.6.1-31.el5.ppc64.rpm | SHA-256: f1e7dba2505fd113620bf8b343a140899a9a6282941987a3fbd28fc5e801a94d |
krb5-libs-1.6.1-31.el5.ppc.rpm | SHA-256: 29bf0464b9d786e8db93358caed2e4081a51853e196b9c7c4a2e2080038de993 |
krb5-libs-1.6.1-31.el5.ppc64.rpm | SHA-256: ae789b7759a1b0a6923c2161813572225d8a54b917053f75a9f023e76d0d9840 |
krb5-server-1.6.1-31.el5.ppc.rpm | SHA-256: 8d746f49835852cc64d391b6fed4de9d152c120d9fd68a66ec60b9b6b6501773 |
krb5-workstation-1.6.1-31.el5.ppc.rpm | SHA-256: ec38ead1343beb67eef3bbb70e502724f244d62502a3120992277c1dc016c61b |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
krb5-1.6.1-31.el5.src.rpm | SHA-256: 07669a00de637bec881fe7d632a27be41d857e5f128b49ddb456e2b5a8acd488 |
x86_64 | |
krb5-devel-1.6.1-31.el5.i386.rpm | SHA-256: 59f4d00d438ebb08f898edc57d0de840ecd37cffa0e68eee0353571ba9ba7c2a |
krb5-devel-1.6.1-31.el5.x86_64.rpm | SHA-256: 4b961fb99447bdcb9a4affb154b47904bc1964a5a12d8dceaa42cebe3666bd6f |
krb5-libs-1.6.1-31.el5.i386.rpm | SHA-256: a33a85bfdefd4458b8665d4630fd19f7e85480a8321b8a77f0977a4f12d99175 |
krb5-libs-1.6.1-31.el5.x86_64.rpm | SHA-256: 5abe103498d23b1356dee37a345a3952595f39b5a68ede268ba5267d73790bb5 |
krb5-server-1.6.1-31.el5.x86_64.rpm | SHA-256: 3b8f44cdedc66faca50e690822adacbda5b2e037bddddf4569470ac985d13efa |
krb5-workstation-1.6.1-31.el5.x86_64.rpm | SHA-256: d5af3f12a3bbb72c44f8d59c0c39f1cb467ccfa7b0241612da5ab6ad44b81ea2 |
i386 | |
krb5-devel-1.6.1-31.el5.i386.rpm | SHA-256: 59f4d00d438ebb08f898edc57d0de840ecd37cffa0e68eee0353571ba9ba7c2a |
krb5-libs-1.6.1-31.el5.i386.rpm | SHA-256: a33a85bfdefd4458b8665d4630fd19f7e85480a8321b8a77f0977a4f12d99175 |
krb5-server-1.6.1-31.el5.i386.rpm | SHA-256: a7e02b58f119e823f882945417d660265055fc83b4d61486f58a6e651c8ec1f6 |
krb5-workstation-1.6.1-31.el5.i386.rpm | SHA-256: c402bf04dd21102f351fbd694503d6e2981d0a85187c282186c7f0b0d88f2860 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.