You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa krb5

Sigurnosni nedostaci programskog paketa krb5

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2016-09-01 13:34:04.322512

Name : krb5
Product : Fedora 23
Version : 1.14.3
Release : 8.fc23
Summary : The Kerberos network authentication system
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network’s security by eliminating the insecure
practice of sending passwords over the network in unencrypted form.

Update Information:

Misc samba and sssd-related bugfixes. —- Bump version to 1.14.3 for the
convenience of those needing the SNI fix. —- Require krb5 to set the “Host:”
header when speaking KKDCPP. This fixes use of TLS with SNI. —- Fix low-
impact CVE-2016-3120 where S4U2Self may cause KDC crash when anon is restricted

[ 1 ] Bug #1361050 – CVE-2016-3120 krb5: S4U2Self KDC crash when anon is restricted

This update can be installed with the “yum” update program. Use
su -c ‘yum update krb5’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorMarko Stanec
Cert idNCERT-REF-2016-09-0007-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa tomcat

Otkriven je sigurnosni nedostatak u programskom paketu tomcat za operacijski sustav Fedora. Otkriveni nedostatak iskorištava ranjivost FileUpload paketa, a potencijalnim...