===================================================================== CERT-Renater Note d'Information No. 2006/VULN470 _____________________________________________________________________ DATE : 28/08/2006 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running MIT Kerberos 5. ====================================================================== http://mailman.mit.edu/pipermail/kerberos-announce/2006q3/000059.html http://mailman.mit.edu/pipermail/kerberos-announce/2006q3/000058.html http://mailman.mit.edu/pipermail/kerberos-announce/2006q3/000056.html ---------------------------------------------------------------------- The MIT Kerberos Team announces the availability of MIT Kerberos 5 Release 1.4.4. Please see below for a list of some major changes included, or consult the README file in the source tree for a more detailed list of significant changes. RETRIEVING KERBEROS 5 RELEASE 1.4.4 =================================== You may retrieve the Kerberos 5 Release 1.4.4 source from the following URL: http://web.mit.edu/kerberos/dist/ The homepage for the krb5-1.4.4 release is: http://web.mit.edu/kerberos/krb5-1.4/ Further information about Kerberos 5 may be found at the following URL: http://web.mit.edu/kerberos/ MAJOR CHANGES ============= The only significant change in krb5-1.4.4 is to fix the security vulnerabilities decribed in MITKRB5-SA-2006-001, which are local privilege escalation vulnerabilities in applications running on Linux and AIX. ------------------------------------------------------------------------- 2. The MIT Kerberos Team announces the availability of MIT Kerberos 5 Release 1.5.1. Please see below for a list of some major changes included, or consult the README file in the source tree for a more detailed list of significant changes. RETRIEVING KERBEROS 5 RELEASE 1.5.1 =================================== You may retrieve the Kerberos 5 Release 1.5.1 source from the following URL: http://web.mit.edu/kerberos/dist/ The homepage for the krb5-1.5.1 release is: http://web.mit.edu/kerberos/krb5-1.5/ Further information about Kerberos 5 may be found at the following URL: http://web.mit.edu/kerberos/ MAJOR CHANGES ============= The only significant change in krb5-1.5.1 is to fix the security vulnerabilities decribed in MITKRB5-SA-2006-001, which are local privilege escalation vulnerabilities in applications running on Linux and AIX. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================