The krb5 package is the implementation of the Kerberos protocol suite from MIT. This update fixes three vulnerabilities, two of them are only possible if krb4 support is enabled: - CVE-2008-0062: null/dangling pointer (krb4) - CVE-2008-0063: operations on uninitialized buffer content, possible information leak (krb4) - CVE-2008-0947/8: out-of-bound array access in kadmindβs RPC lib
Please install the new packages.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
SUSE Linux Enterprise Server | 10.1 | x86_64 | krb5-devel | <Β 1.4.3-19.30.6 | krb5-devel-1.4.3-19.30.6.x86_64.rpm |
SUSE Linux Enterprise Server | 10.1 | i586 | krb5-server | <Β 1.4.3-19.30.6 | krb5-server-1.4.3-19.30.6.i586.rpm |
SUSE Linux Enterprise Server | 10.1 | i586 | krb5-apps-clients | <Β 1.4.3-19.30.6 | krb5-apps-clients-1.4.3-19.30.6.i586.rpm |
SUSE Linux Enterprise Software Development Kit | 10.1 | ia64 | krb5-apps-clients | <Β 1.4.3-19.30.6 | krb5-apps-clients-1.4.3-19.30.6.ia64.rpm |
openSUSE | 10.1 | x86_64 | krb5-apps-clients | <Β 1.4.3-19.30.6 | krb5-apps-clients-1.4.3-19.30.6.x86_64.rpm |
openSUSE | 10.3 | i586 | krb5-client | <Β 1.6.2-22.4 | krb5-client-1.6.2-22.4.i586.rpm |
openSUSE | 10.1 | x86_64 | krb5-server | <Β 1.4.3-19.30.6 | krb5-server-1.4.3-19.30.6.x86_64.rpm |
openSUSE | 10.1 | ppc | krb5-client | <Β 1.4.3-19.30.6 | krb5-client-1.4.3-19.30.6.ppc.rpm |
openSUSE | 10.2 | x86_64 | krb5-devel | <Β 1.5.1-23.14 | krb5-devel-1.5.1-23.14.x86_64.rpm |
openSUSE | 10.1 | ppc | krb5-apps-servers | <Β 1.4.3-19.30.6 | krb5-apps-servers-1.4.3-19.30.6.ppc.rpm |