Security update for Kerberos 5 (important)

2012-01-05T12:08:41
ID SUSE-SU-2012:0018-1
Type suse
Reporter Suse
Modified 2012-01-05T12:08:41

Description

This update of krb5 fixes two security issues.

  • CVE-2011-4862: A remote code execution in the kerberized telnet daemon was fixed. (This only affects the ktelnetd from the krb5-appl RPM, not the regular telnetd supplied by SUSE.)
  • CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd unauthorized file access problems.