krb5 security update

2015-04-09T00:00:00
ID ELSA-2015-0794
Type oraclelinux
Reporter Oracle
Modified 2015-04-09T00:00:00

Description

[1.10.3-37] - fix for CVE-2014-5355 (#1193939) 'krb5: unauthenticated denial of service in recvauth_common() and others' [1.10.3-36] - fix for CVE-2014-5353 (#1174543) 'Fix LDAP misused policy name crash' [1.10.3-35] - Changelog fixes to make errata subsystem happy. [1.10.3-34] - fix for CVE-2014-5352 (#1179856) 'gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)' - fix for CVE-2014-9421 (#1179857) 'kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)' - fix for CVE-2014-9422 (#1179861) 'kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)'