[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1Sn94i-0006er-O5@titan.mandriva.com>
Date: Fri, 06 Jul 2012 16:00:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2012:102 ] krb5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2012:102
http://www.mandriva.com/security/
_______________________________________________________________________
Package : krb5
Date : July 6, 2012
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
A vulnerability has been discovered and corrected in krb5:
Fix a kadmind denial of service issue (null pointer dereference),
which could only be triggered by an administrator with the create
privilege (CVE-2012-1013).
The updated packages have been patched to correct this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1013
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.1:
1175a2115b82a645413fcabe5cb71f70 2010.1/i586/krb5-1.8.1-5.7mdv2010.2.i586.rpm
e5ac2389b258577b59514a7a16063227 2010.1/i586/krb5-pkinit-openssl-1.8.1-5.7mdv2010.2.i586.rpm
8ee366b386f58a5f29ad28890e3b3413 2010.1/i586/krb5-server-1.8.1-5.7mdv2010.2.i586.rpm
a6b3a278f170057a70e046023f18c155 2010.1/i586/krb5-server-ldap-1.8.1-5.7mdv2010.2.i586.rpm
5aa836c1da611a4cd8f095bdd5b28717 2010.1/i586/krb5-workstation-1.8.1-5.7mdv2010.2.i586.rpm
11dc88b663661efa1132797f9c05761d 2010.1/i586/libkrb53-1.8.1-5.7mdv2010.2.i586.rpm
0dcb87015e7bd3e96800aadcab29bba5 2010.1/i586/libkrb53-devel-1.8.1-5.7mdv2010.2.i586.rpm
052b607d6ea19fd3d66b84a75c04f7e6 2010.1/SRPMS/krb5-1.8.1-5.7mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
68805dbdfdde01d47d8fc27ab895144e 2010.1/x86_64/krb5-1.8.1-5.7mdv2010.2.x86_64.rpm
989661661a97f251545f5ee808a314c6 2010.1/x86_64/krb5-pkinit-openssl-1.8.1-5.7mdv2010.2.x86_64.rpm
6aa59d2c09d12e1a720bc474a0eeeaaf 2010.1/x86_64/krb5-server-1.8.1-5.7mdv2010.2.x86_64.rpm
c3337bb7d19cb6aa706c44902eb0d2ec 2010.1/x86_64/krb5-server-ldap-1.8.1-5.7mdv2010.2.x86_64.rpm
84f2946439c82482844f6e0893ce19f1 2010.1/x86_64/krb5-workstation-1.8.1-5.7mdv2010.2.x86_64.rpm
60299d66703a7112f11a2663fc09edcf 2010.1/x86_64/lib64krb53-1.8.1-5.7mdv2010.2.x86_64.rpm
6bea584af11149070818f884f5d312b6 2010.1/x86_64/lib64krb53-devel-1.8.1-5.7mdv2010.2.x86_64.rpm
052b607d6ea19fd3d66b84a75c04f7e6 2010.1/SRPMS/krb5-1.8.1-5.7mdv2010.2.src.rpm
Mandriva Linux 2011:
a8d4bd01471bba983f8a0110d3710716 2011/i586/krb5-1.9.1-1.3-mdv2011.0.i586.rpm
efb2ea866b62de3ae05d1f3b7ec215da 2011/i586/krb5-pkinit-openssl-1.9.1-1.3-mdv2011.0.i586.rpm
2403bc6016e27189a5b1279b9fa36a91 2011/i586/krb5-server-1.9.1-1.3-mdv2011.0.i586.rpm
ad5d818c9346d69db175291a1c089056 2011/i586/krb5-server-ldap-1.9.1-1.3-mdv2011.0.i586.rpm
226bc0f073d3a6cbf8045c49f0afbe14 2011/i586/krb5-workstation-1.9.1-1.3-mdv2011.0.i586.rpm
acf3849720c9cc90246fb5c171b2af67 2011/i586/libkrb53-1.9.1-1.3-mdv2011.0.i586.rpm
b5592a358e88d5330dffcd2784f113db 2011/i586/libkrb53-devel-1.9.1-1.3-mdv2011.0.i586.rpm
8444bf31b0ddf8ad23768d79bf69a2a8 2011/SRPMS/krb5-1.9.1-1.3.src.rpm
Mandriva Linux 2011/X86_64:
8e2cb70c3064945a5bb01e946b93720a 2011/x86_64/krb5-1.9.1-1.3-mdv2011.0.x86_64.rpm
8df8bb54172a0070ad770a2bf97d1c74 2011/x86_64/krb5-pkinit-openssl-1.9.1-1.3-mdv2011.0.x86_64.rpm
c4ad3af421de33b7d330d340d0556f91 2011/x86_64/krb5-server-1.9.1-1.3-mdv2011.0.x86_64.rpm
545fc63143f4e45639908a39f49c1f40 2011/x86_64/krb5-server-ldap-1.9.1-1.3-mdv2011.0.x86_64.rpm
531353da8c826397adab7a902d577ed2 2011/x86_64/krb5-workstation-1.9.1-1.3-mdv2011.0.x86_64.rpm
f64777b5ff24e62a3faae65161fc7102 2011/x86_64/lib64krb53-1.9.1-1.3-mdv2011.0.x86_64.rpm
f5f700c716fd7c62c4a7cc44ca5aca13 2011/x86_64/lib64krb53-devel-1.9.1-1.3-mdv2011.0.x86_64.rpm
8444bf31b0ddf8ad23768d79bf69a2a8 2011/SRPMS/krb5-1.9.1-1.3.src.rpm
Mandriva Enterprise Server 5:
98fa3187ade33c8dcc63604c6ebc02ce mes5/i586/krb5-1.8.1-0.8mdvmes5.2.i586.rpm
b509b9b7b2138a6e9b058bb991e1d6e2 mes5/i586/krb5-pkinit-openssl-1.8.1-0.8mdvmes5.2.i586.rpm
3ba432fe4f3c1ae79146d44241002551 mes5/i586/krb5-server-1.8.1-0.8mdvmes5.2.i586.rpm
330e1002801b9d21d1b8d3bae8ba860c mes5/i586/krb5-server-ldap-1.8.1-0.8mdvmes5.2.i586.rpm
fec59596107996bffaede76be60621de mes5/i586/krb5-workstation-1.8.1-0.8mdvmes5.2.i586.rpm
5ae5bdbee59e6367406648ca3bd2933a mes5/i586/libkrb53-1.8.1-0.8mdvmes5.2.i586.rpm
9b2904fc426a312f7a1e9c9afc58a26c mes5/i586/libkrb53-devel-1.8.1-0.8mdvmes5.2.i586.rpm
f57f14346425b502ee0a10fc2faaa3c6 mes5/SRPMS/krb5-1.8.1-0.8mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
bcb24a17293d01d0c393a1c95074d2c8 mes5/x86_64/krb5-1.8.1-0.8mdvmes5.2.x86_64.rpm
3ddf8eed66107c373a412faf5715e824 mes5/x86_64/krb5-pkinit-openssl-1.8.1-0.8mdvmes5.2.x86_64.rpm
8b43725a277670421b3b1b0bba3e8dac mes5/x86_64/krb5-server-1.8.1-0.8mdvmes5.2.x86_64.rpm
4ef2f93d362b930f5f7970ef64578b1c mes5/x86_64/krb5-server-ldap-1.8.1-0.8mdvmes5.2.x86_64.rpm
f4aaa95f71a326a650113a425bd3fe80 mes5/x86_64/krb5-workstation-1.8.1-0.8mdvmes5.2.x86_64.rpm
2e055df16c60cfdd456ec0dd80dc3246 mes5/x86_64/lib64krb53-1.8.1-0.8mdvmes5.2.x86_64.rpm
3dad4c1c066a22eae7931bb40cf59833 mes5/x86_64/lib64krb53-devel-1.8.1-0.8mdvmes5.2.x86_64.rpm
f57f14346425b502ee0a10fc2faaa3c6 mes5/SRPMS/krb5-1.8.1-0.8mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFP9sD7mqjQ0CJFipgRAls6AJ9atdFYwXSfo6wpuo//Jrx9qfAFvQCgnn9w
n1HVs0rIYS+NV6s3DemhTfM=
=S/BX
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists