Описание
ELSA-2021-1593: krb5 security update (MODERATE)
[1.18.2-8]
- Add recursion limit for ASN.1 indefinite lengths (CVE-2020-28196)
- Resolves: #1906492
[1.18.2-7]
- Document -k option in kvno(1) synopsis
- Resolves: #1869055
[1.18.2-6]
- Enable MD5 override for FIPS RADIUS
- Resolves: #1872689
[1.18.2-5.2]
- Unify kvno option documentation
- Resolves: #1869055
[1.18.2-5.1]
- Fix upstream URLs in spec file
- Resolves: #1868039
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
krb5-devel
1.18.2-8.el8
krb5-libs
1.18.2-8.el8
krb5-pkinit
1.18.2-8.el8
krb5-server
1.18.2-8.el8
krb5-server-ldap
1.18.2-8.el8
krb5-workstation
1.18.2-8.el8
libkadm5
1.18.2-8.el8
Oracle Linux x86_64
krb5-devel
1.18.2-8.el8
krb5-libs
1.18.2-8.el8
krb5-pkinit
1.18.2-8.el8
krb5-server
1.18.2-8.el8
krb5-server-ldap
1.18.2-8.el8
krb5-workstation
1.18.2-8.el8
libkadm5
1.18.2-8.el8
Связанные CVE
Связанные уязвимости
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allow ...