- Issued:
- 2012-02-20
- Updated:
- 2012-02-20
RHBA-2012:0246 - pam_krb5 bug fix update
Synopsis
pam_krb5 bug fix update
Type/Severity
Bug Fix Advisory (none)
Topic
An updated pam_krb5 package that fixes a bug is now available for Red Hat Enterprise Linux 5.
Description
The pam_krb5 package allows PAM-aware applications to check user passwords with the help of a Kerberos KDC.
This updated pam_krb5 package fixes the following bug:
- Previously, if a system was configured to perform Kerberos authentication using PKINIT, users who attempted to change their passwords using the "passwd" command or other PAM-aware application, while a smart card was inserted, would be erroneously prompted for the smart card PIN. With this update, the plugin returns an error to any requests for non-password information while attempting to obtain password-changing credentials. As a result, the unnecessary request for the smart card PIN is no longer made to the user in the scenario described. (BZ#715073)
All users of pam_krb5 are advised to upgrade to this updated package, which fixes this bug.
Solution
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.https://access.redhat.com/kb/docs/DOC-11259
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Power, big endian | 5 | ppc |
| Red Hat Enterprise Linux for IBM z Systems | 5 | s390x |
| Red Hat Enterprise Linux Workstation | 5 | x86_64 |
| Red Hat Enterprise Linux Workstation | 5 | i386 |
| Red Hat Enterprise Linux Server | 5 | x86_64 |
| Red Hat Enterprise Linux Server | 5 | ia64 |
| Red Hat Enterprise Linux Server | 5 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 5 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 5 | i386 |
| Red Hat Enterprise Linux Desktop | 5 | x86_64 |
| Red Hat Enterprise Linux Desktop | 5 | i386 |
Updated Packages
- pam_krb5-2.2.14-22.el5.x86_64.rpm
- pam_krb5-2.2.14-22.el5.s390.rpm
- pam_krb5-2.2.14-22.el5.i386.rpm
- pam_krb5-2.2.14-22.el5.src.rpm
- pam_krb5-2.2.14-22.el5.ppc.rpm
- pam_krb5-2.2.14-22.el5.ppc64.rpm
- pam_krb5-2.2.14-22.el5.s390x.rpm
- pam_krb5-2.2.14-22.el5.ia64.rpm
Fixes
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.