-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-13541 2010-08-26 00:26:11 --------------------------------------------------------------------------------
Name : krb5 Product : Fedora 13 Version : 1.7.1 Release : 13.fc13 URL : http://web.mit.edu/kerberos/www/ Summary : The Kerberos network authentication system Description : Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. -------------------------------------------------------------------------------- Update Information: A bug in the LDAP kdb backend module caused key expiration times to be computed incorrectly in some cases, and the ksu application incorrectly performed PAM account and session management as the invoking user rather than as root. This update corrects these bugs. -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 25 2010 Nalin Dahyabhai <[email protected]> 1.7.1-13 - adjust the last patch to apply properly to 1.7.1 * Tue Aug 24 2010 Nalin Dahyabhai <[email protected]> 1.7.1-12 - fix a logic bug in computing key expiration times (RT#6762, #627022) * Mon Jun 21 2010 Nalin Dahyabhai <[email protected]> - pull up fix for upstream #6745, in which the gssapi library would add the wrong error table but subsequently attempt to unload the right one * Wed Jun 9 2010 Nalin Dahyabhai <[email protected]> - 1.7.1-11 - use the "pathmunge" function to add %{krb5prefix}/bin to $PATH rather than doing it the harder way ourselves (part of #544652) * Thu May 27 2010 Nalin Dahyabhai <[email protected]> - ksu: move session management calls to before we drop privileges, like su does (#596887), and don't skip the PAM account check for root or the same user (more of #540769) * Tue May 18 2010 Nalin Dahyabhai <[email protected]> 1.7.1-10 - add patch to correct GSSAPI library null pointer dereference which could be triggered by malformed client requests (CVE-2010-1321, #582466) * Tue May 4 2010 Nalin Dahyabhai <[email protected]> 1.7.1-9 - fix output of kprop's init script's "status" and "reload" commands (#588222) -------------------------------------------------------------------------------- References: [ 1 ] Bug #627022 - Incorrect handling of password expiration https://bugzilla.redhat.com/show_bug.cgi?id=627022 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update krb5' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
