Remotely-triggerable double-free bugs have been found in the Kerberos 5 KDC, krb524 daemon, and libraries (CAN-2004-0642, CAN-2004-0643, CAN-2004-0772). A remotely-triggerable infinite loop has been found in the Kerberos 5 ASN.1 decoding library (CAN-2004-0644). Of these, the bugs denoted by CAN-2004-0642, CAN-2004-0644, and CAN-2004-0772 affect Fedora Core 1 and 2.
Embargo lifted today at 1300EDT
Updates pushed and announced for Fedora Core 1 and Fedora Core 2.