[Freeipa-users] FreeIPA 1.1.1 SECURITY Release
Simo Sorce
ssorce at redhat.com
Wed Sep 10 20:55:51 UTC 2008
This is a security release in order to address CVE-2008-3274.

CVE-2008-3274:
    A flaw was found in the Red Hat Enterprise IPA
    installation procedure. The master Kerberos password was
    set up in the LDAP server in such a way that it was
    possible to retrieve the password via an anonymous LDAP
    connection.

Note: the master Kerberos password is used to encrypt keys. This flaw
does not lead to individual keys being exposed.

To solve the issue it is *not* sufficient to simply download and update
the binaries. Instructions to completely patch and resolve the issue are
available here: http://freeipa.org/page/CVE-2008-3274

The complete source code is available for download here:
http://www.freeipa.org/page/Downloads

Binary packages for Fedora 8 and 9 will be available shortly.

The FreeIPA Project Team.