- Issued:
- 2004-12-21
- Updated:
- 2004-12-21
RHEA-2004:542 - Product Enhancement Advisory
Synopsis
Updated krb5 packages
Type/Severity
Product Enhancement Advisory
Topic
Updated krb5 packages that include experimental backported support for TCP
connection support, as well as arcfour cipher support, are now available.
Description
Kerberos is a networked authentication system which uses a trusted third
party (a KDC) to authenticate clients and servers to each other.
When a Kerberos client issues an AS_REQ or TGS_REQ request to a KDC, the
KDC may respond with a RESPONSE_TOO_BIG error if it determines that the
response might be dropped by the network while being transmitted to the client.
Some KDC implementations support additional encryption types which were not
included in the Kerberos Version 5 1.2 release, but are implemented with
the Kerberos Version 5 1.3 release.
All users of krb5 should upgrade to these updated packages, which resolve
this issue.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
Affected Products
- Red Hat Enterprise Linux Server 3 x86_64
- Red Hat Enterprise Linux Server 3 ia64
- Red Hat Enterprise Linux Server 3 i386
- Red Hat Enterprise Linux Workstation 3 x86_64
- Red Hat Enterprise Linux Workstation 3 ia64
- Red Hat Enterprise Linux Workstation 3 i386
- Red Hat Enterprise Linux Desktop 3 x86_64
- Red Hat Enterprise Linux Desktop 3 i386
- Red Hat Enterprise Linux for IBM z Systems 3 s390x
- Red Hat Enterprise Linux for IBM z Systems 3 s390
- Red Hat Enterprise Linux for Power, big endian 3 ppc
Fixes
- BZ - 122008 - krb5 failures with Win 2003 kerberos
CVEs
(none)
References
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.