-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                         ESB-2007.0216 -- [RedHat]
                      Critical: krb5 security update
                               4 April 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              krb5
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux
Impact:               Execute Arbitrary Code/Commands
                      Inappropriate Access
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-1216 CVE-2007-0957 CVE-2007-0956

Ref:                  AL-2007.0040

Original Bulletin:    https://rhn.redhat.com/errata/RHSA-2007-0095.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Critical: krb5 security update
Advisory ID:       RHSA-2007:0095-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0095.html
Issue date:        2007-04-03
Updated on:        2007-04-03
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-0956 CVE-2007-0957 CVE-2007-1216 
- - ---------------------------------------------------------------------

1. Summary:

Updated krb5 packages that fix a number of issues are now available.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

Kerberos is a network authentication system which allows clients and
servers to authenticate to each other through use of symmetric encryption
and a trusted third party, the KDC.

A flaw was found in the username handling of the MIT krb5 telnet daemon
(telnetd).  A remote attacker who can access the telnet port of a target
machine could log in as root without requiring a password.  (CVE-2007-0956)

Note that the krb5 telnet daemon is not enabled by default in any version
of Red Hat Enterprise Linux.  In addition, the default firewall rules block
remote access to the telnet port.  This flaw does not affect the telnet
daemon distributed in the telnet-server package.

For users who have enabled the krb5 telnet daemon and have it accessible
remotely, this update should be applied immediately.  

Whilst we are not aware at this time that the flaw is being actively
exploited, we have confirmed that the flaw is very easily exploitable.

This update also fixes two additional security issues:

Buffer overflows were found which affect the Kerberos KDC and the kadmin
server daemon.  A remote attacker who can access the KDC could exploit this
bug to run arbitrary code with the privileges of the KDC or kadmin server
processes.  (CVE-2007-0957)

A double-free flaw was found in the GSSAPI library used by the kadmin
server daemon.  Red Hat Enterprise Linux 4 and 5 contain checks within
glibc that detect double-free flaws. Therefore, on Red Hat Enterprise Linux
4 and 5 successful exploitation of this issue can only lead to a denial of
service.  Applications which use this library in earlier releases of Red
Hat Enterprise Linux may also be affected.  (CVE-2007-1216)

All users are advised to update to these erratum packages which contain a
backported fix to correct these issues.

Red Hat would like to thank MIT and iDefense for reporting these
vulnerabilities.

4. Solution:

The krb5 telnet daemon is an xinetd service.  You can determine if krb5
telnetd is enabled with the command:

  /sbin/chkconfig --list krb5-telnet

The output of this command will be "krb5-telnet on" if krb5 telnet is
enabled.  The krb5 telnet daemon can be immediately disabled with the
command:

  /sbin/chkconfig krb5-telnet off

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
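
An added triage example (not part of the Red Hat advisory): it combines the
chkconfig check above with the fixed krb5 builds this erratum ships
(1.2.2-44, 1.2.7-61, 1.3.4-46, 1.5-23). The function names, the
OK/URGENT/UPDATE/REVIEW labels and the sample input are constructed for
illustration; it assumes release numbers within one krb5 version compare
numerically.

```shell
#!/bin/sh
# Added example, not from the advisory. Function names, labels and sample
# inputs are assumptions made for illustration.

# Fixed release for each krb5 version shipped in this erratum.
fixed_release_for() {
    case "$1" in
        1.2.2) echo 44 ;;   # Red Hat Enterprise Linux 2.1
        1.2.7) echo 61 ;;   # Red Hat Enterprise Linux 3
        1.3.4) echo 46 ;;   # Red Hat Enterprise Linux 4
        1.5)   echo 23 ;;   # Red Hat Enterprise Linux 5
        *)     return 1 ;;  # not a version this advisory covers
    esac
}

# telnetd_state "<output of: /sbin/chkconfig --list krb5-telnet>"
# Prints on, off, or unknown (service not listed or output not recognised).
telnetd_state() {
    printf '%s\n' "$1" | awk '
        $1 == "krb5-telnet" && ($2 == "on" || $2 == "off") { print $2; found = 1; exit }
        END { if (!found) print "unknown" }'
}

# patch_state "<version>-<release>", for example the output of:
#   rpm -q --qf "%{VERSION}-%{RELEASE}\n" krb5-libs
# Prints patched, vulnerable, or unknown.
patch_state() {
    case "$1" in *-*) ;; *) echo unknown; return ;; esac
    ver=${1%%-*}            # text before the first dash
    rel=${1#*-}             # text after the first dash
    rel=${rel%%[!0-9]*}     # keep leading digits only: "23.el5" -> "23"
    fixed=$(fixed_release_for "$ver") || { echo unknown; return; }
    [ -n "$rel" ] || { echo unknown; return; }
    if [ "$rel" -ge "$fixed" ]; then echo patched; else echo vulnerable; fi
}

# triage "<chkconfig output>" "<version>-<release>"
triage() {
    svc=$(telnetd_state "$1")
    pkg=$(patch_state "$2")
    case "$pkg:$svc" in
        patched:*)     echo OK ;;      # fixed build installed
        vulnerable:on) echo URGENT ;;  # CVE-2007-0956 exposed: disable krb5-telnet, then update
        vulnerable:*)  echo UPDATE ;;  # CVE-2007-0957 / CVE-2007-1216 still need the update
        *)             echo REVIEW ;;  # build not recognised: check by hand
    esac
}

# Constructed sample: pre-fix 1.3.4 build with krb5-telnet enabled.
triage "krb5-telnet     on" "1.3.4-33"
```

On a live host, pass the real command output as the two arguments to triage.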

5. Bug IDs fixed (http://bugzilla.redhat.com/):

229782 - CVE-2007-0956 Unauthorized access via krb5-telnet daemon
231528 - CVE-2007-0957 krb5_klog_syslog() stack buffer overflow
231537 - CVE-2007-1216 krb5 double free flaw

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/krb5-1.2.2-44.src.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/krb5-1.2.2-44.src.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/krb5-1.2.2-44.src.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/krb5-1.2.2-44.src.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/krb5-1.2.7-61.src.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/krb5-1.2.7-61.src.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/krb5-1.2.7-61.src.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/krb5-1.2.7-61.src.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/krb5-1.3.4-46.src.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/krb5-1.3.4-46.src.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/krb5-1.3.4-46.src.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/krb5-1.3.4-46.src.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/krb5-1.5-23.src.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/krb5-1.5-23.src.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/krb5-1.5-23.src.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFGEps3XlSAg2UNWIIRArM7AKCsqxq2CcsD23nIyxntbRqic5x1cACfWqoM
lmE+gF7e0D0gb0oxaVKXJKI=
=nZGw
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRhMtIih9+71yA2DNAQIGowQAh9g+4BBjRQfVEvMYJPqUTLl0BOvD6TAp
ZUy95AoV8mspBznu4/E/JDHbfhBM0pp1nUW0ma8O20JYAcTO5ST7KTH11lMWWuhr
oB4x+XKx6w4C3JRAbQES34zmf9Io1fyHqNJsFYR3WeF1cvn4tqeXSrk2UEPSRFNc
3DLBShU6Zho=
=9zAZ
-----END PGP SIGNATURE-----