COMMAND

    cyrus-sasl

SYSTEMS AFFECTED

    RedHat 7

PROBLEM

    Following is based on a RedHat Security Advisory RHSA-2000:094-01.
    An error  existed in  the authorization  checks in  the version of
    cyrus-sasl shipped with Red Hat Linux  7.  Due to this bug,  users
    who had been successfully authenticated could be allowed access to
    resources even  if the  system had  been configured  to deny these
    users access.

    Versions of cyrus-sasl  included in previous  releases of Red  Hat
    Power Tools did not implement  this function and are not  affected
    by this bug.

SOLUTION

    RPMs required:

        ftp://updates.redhat.com/7.0/i386/cyrus-sasl-1.5.24-11.i386.rpm
        ftp://updates.redhat.com/7.0/SRPMS/cyrus-sasl-1.5.24-11.src.rpm