-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2012:102 http://www.mandriva.com/security/ _______________________________________________________________________ Package : krb5 Date : July 6, 2012 Affected: 2010.1, 2011., Enterprise Server 5.0 _______________________________________________________________________ Problem Description: A vulnerability has been discovered and corrected in krb5: Fix a kadmind denial of service issue (null pointer dereference), which could only be triggered by an administrator with the create privilege (CVE-2012-1013). The updated packages have been patched to correct this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1013 _______________________________________________________________________ Updated Packages: Mandriva Linux 2010.1: 1175a2115b82a645413fcabe5cb71f70 2010.1/i586/krb5-1.8.1-5.7mdv2010.2.i586.rpm e5ac2389b258577b59514a7a16063227 2010.1/i586/krb5-pkinit-openssl-1.8.1-5.7mdv2010.2.i586.rpm 8ee366b386f58a5f29ad28890e3b3413 2010.1/i586/krb5-server-1.8.1-5.7mdv2010.2.i586.rpm a6b3a278f170057a70e046023f18c155 2010.1/i586/krb5-server-ldap-1.8.1-5.7mdv2010.2.i586.rpm 5aa836c1da611a4cd8f095bdd5b28717 2010.1/i586/krb5-workstation-1.8.1-5.7mdv2010.2.i586.rpm 11dc88b663661efa1132797f9c05761d 2010.1/i586/libkrb53-1.8.1-5.7mdv2010.2.i586.rpm 0dcb87015e7bd3e96800aadcab29bba5 2010.1/i586/libkrb53-devel-1.8.1-5.7mdv2010.2.i586.rpm 052b607d6ea19fd3d66b84a75c04f7e6 2010.1/SRPMS/krb5-1.8.1-5.7mdv2010.2.src.rpm Mandriva Linux 2010.1/X86_64: 68805dbdfdde01d47d8fc27ab895144e 2010.1/x86_64/krb5-1.8.1-5.7mdv2010.2.x86_64.rpm 989661661a97f251545f5ee808a314c6 2010.1/x86_64/krb5-pkinit-openssl-1.8.1-5.7mdv2010.2.x86_64.rpm 6aa59d2c09d12e1a720bc474a0eeeaaf 2010.1/x86_64/krb5-server-1.8.1-5.7mdv2010.2.x86_64.rpm c3337bb7d19cb6aa706c44902eb0d2ec 2010.1/x86_64/krb5-server-ldap-1.8.1-5.7mdv2010.2.x86_64.rpm 84f2946439c82482844f6e0893ce19f1 2010.1/x86_64/krb5-workstation-1.8.1-5.7mdv2010.2.x86_64.rpm 60299d66703a7112f11a2663fc09edcf 2010.1/x86_64/lib64krb53-1.8.1-5.7mdv2010.2.x86_64.rpm 6bea584af11149070818f884f5d312b6 2010.1/x86_64/lib64krb53-devel-1.8.1-5.7mdv2010.2.x86_64.rpm 052b607d6ea19fd3d66b84a75c04f7e6 2010.1/SRPMS/krb5-1.8.1-5.7mdv2010.2.src.rpm Mandriva Linux 2011: a8d4bd01471bba983f8a0110d3710716 2011/i586/krb5-1.9.1-1.3-mdv2011.0.i586.rpm efb2ea866b62de3ae05d1f3b7ec215da 2011/i586/krb5-pkinit-openssl-1.9.1-1.3-mdv2011.0.i586.rpm 2403bc6016e27189a5b1279b9fa36a91 2011/i586/krb5-server-1.9.1-1.3-mdv2011.0.i586.rpm ad5d818c9346d69db175291a1c089056 2011/i586/krb5-server-ldap-1.9.1-1.3-mdv2011.0.i586.rpm 226bc0f073d3a6cbf8045c49f0afbe14 2011/i586/krb5-workstation-1.9.1-1.3-mdv2011.0.i586.rpm acf3849720c9cc90246fb5c171b2af67 2011/i586/libkrb53-1.9.1-1.3-mdv2011.0.i586.rpm b5592a358e88d5330dffcd2784f113db 2011/i586/libkrb53-devel-1.9.1-1.3-mdv2011.0.i586.rpm 8444bf31b0ddf8ad23768d79bf69a2a8 2011/SRPMS/krb5-1.9.1-1.3.src.rpm Mandriva Linux 2011/X86_64: 8e2cb70c3064945a5bb01e946b93720a 2011/x86_64/krb5-1.9.1-1.3-mdv2011.0.x86_64.rpm 8df8bb54172a0070ad770a2bf97d1c74 2011/x86_64/krb5-pkinit-openssl-1.9.1-1.3-mdv2011.0.x86_64.rpm c4ad3af421de33b7d330d340d0556f91 2011/x86_64/krb5-server-1.9.1-1.3-mdv2011.0.x86_64.rpm 545fc63143f4e45639908a39f49c1f40 2011/x86_64/krb5-server-ldap-1.9.1-1.3-mdv2011.0.x86_64.rpm 531353da8c826397adab7a902d577ed2 2011/x86_64/krb5-workstation-1.9.1-1.3-mdv2011.0.x86_64.rpm f64777b5ff24e62a3faae65161fc7102 2011/x86_64/lib64krb53-1.9.1-1.3-mdv2011.0.x86_64.rpm f5f700c716fd7c62c4a7cc44ca5aca13 2011/x86_64/lib64krb53-devel-1.9.1-1.3-mdv2011.0.x86_64.rpm 8444bf31b0ddf8ad23768d79bf69a2a8 2011/SRPMS/krb5-1.9.1-1.3.src.rpm Mandriva Enterprise Server 5: 98fa3187ade33c8dcc63604c6ebc02ce mes5/i586/krb5-1.8.1-0.8mdvmes5.2.i586.rpm b509b9b7b2138a6e9b058bb991e1d6e2 mes5/i586/krb5-pkinit-openssl-1.8.1-0.8mdvmes5.2.i586.rpm 3ba432fe4f3c1ae79146d44241002551 mes5/i586/krb5-server-1.8.1-0.8mdvmes5.2.i586.rpm 330e1002801b9d21d1b8d3bae8ba860c mes5/i586/krb5-server-ldap-1.8.1-0.8mdvmes5.2.i586.rpm fec59596107996bffaede76be60621de mes5/i586/krb5-workstation-1.8.1-0.8mdvmes5.2.i586.rpm 5ae5bdbee59e6367406648ca3bd2933a mes5/i586/libkrb53-1.8.1-0.8mdvmes5.2.i586.rpm 9b2904fc426a312f7a1e9c9afc58a26c mes5/i586/libkrb53-devel-1.8.1-0.8mdvmes5.2.i586.rpm f57f14346425b502ee0a10fc2faaa3c6 mes5/SRPMS/krb5-1.8.1-0.8mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: bcb24a17293d01d0c393a1c95074d2c8 mes5/x86_64/krb5-1.8.1-0.8mdvmes5.2.x86_64.rpm 3ddf8eed66107c373a412faf5715e824 mes5/x86_64/krb5-pkinit-openssl-1.8.1-0.8mdvmes5.2.x86_64.rpm 8b43725a277670421b3b1b0bba3e8dac mes5/x86_64/krb5-server-1.8.1-0.8mdvmes5.2.x86_64.rpm 4ef2f93d362b930f5f7970ef64578b1c mes5/x86_64/krb5-server-ldap-1.8.1-0.8mdvmes5.2.x86_64.rpm f4aaa95f71a326a650113a425bd3fe80 mes5/x86_64/krb5-workstation-1.8.1-0.8mdvmes5.2.x86_64.rpm 2e055df16c60cfdd456ec0dd80dc3246 mes5/x86_64/lib64krb53-1.8.1-0.8mdvmes5.2.x86_64.rpm 3dad4c1c066a22eae7931bb40cf59833 mes5/x86_64/lib64krb53-devel-1.8.1-0.8mdvmes5.2.x86_64.rpm f57f14346425b502ee0a10fc2faaa3c6 mes5/SRPMS/krb5-1.8.1-0.8mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFP9sD7mqjQ0CJFipgRAls6AJ9atdFYwXSfo6wpuo//Jrx9qfAFvQCgnn9w n1HVs0rIYS+NV6s3DemhTfM= =S/BX -----END PGP SIGNATURE-----