The krb5_aname_to_localname() library function contains multiple buffer overflows which could be exploited to gain unauthorized root access. Only configurations which include auth_to_local_names or auth_to_local directives (neither of which are included in default configurations) are vulnerable. Affects: FC1 Affects: FC2
*** This bug has been marked as a duplicate of 125001 ***
this is not a duplicate; this is the bug for tracking the fix in Fedora Core, bug #125001 is for tracking the fix in Red Hat Enterprise Linux
Updates now available: http://www.redhat.com/archives/fedora-announce-list/2004-June/msg00006.html http://www.redhat.com/archives/fedora-announce-list/2004-June/msg00007.html