An updated cyrus-sasl package that addresses a security issue and fixes
various other bugs is now available for Red Hat Enterprise Linux 4.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
The cyrus-sasl package contains the Cyrus implementation of SASL. SASL is
the Simple Authentication and Security Layer, a method for adding
authentication support to connection-based protocols.
A bug was found in cyrus-sasl's DIGEST-MD5 authentication mechanism. As
part of the DIGEST-MD5 authentication exchange, the client is expected to
send a specific set of information to the server. If one of these items
(the "realm") was not sent or was malformed, it was possible for a remote
unauthenticated attacker to cause a denial of service (segmentation fault)
on the server. (CVE-2006-1721)
This errata also fixes the following bugs:
* the Kerberos 5 library included in Red Hat Enterprise Linux 4 was not
thread safe. This update adds functionality which allows it to be used
safely in a threaded application.
* several memory leak bugs were fixed in cyrus-sasl's DIGEST-MD5
* /dev/urandom is now used by default on systems which don't support
hwrandom. Previously, dev/random was the default.
* cyrus-sasl needs zlib-devel to build properly. This dependency
information is now included in the package.
Users are advised to upgrade to this updated cyrus-sasl package, which
resolves these issues.