SuSE Update for krb5 SUSE-SA:2007:004

Impact
remote denial of service
Solution
Please Install the Updated Packages.
Insight
Various bugs in the Kerberos5 libraries and tools were fixed which could be used by remote attackers to crash and potentially execute code in kadmind. - CVE-2006-6144 / MITKRB5-SA-2006-002: the RPC library could call an uninitialized function pointer, which created a security vulnerability for kadmind. - CVE-2006-6143 / MITKRB5-SA-2006-003: the GSS-API mechglue layer could fail to initialize some output pointers, causing callers to attempt to free uninitialized pointers. This caused a security vulnerability in kadmind.
Affected
krb5 on openSUSE 10.2, SUSE LINUX 10.1, SUSE SLED 10, SUSE SLES 10
References