Описание
ELSA-2021-3576: krb5 security update (MODERATE)
[1.18.2-8.3]
- Fix KDC null deref on TGS inner body null server (CVE-2021-37750)
- Resolves: #1997600
[1.18.2-8.2]
- Rebuild for rpminspect; no code changes
- Resolves: #1983728
[1.18.2-8.1]
- Fix KDC null deref on bad encrypted challenge (CVE-2021-36222)
- Resolves: #1983728
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
krb5-devel
1.18.2-8.3.el8_4
krb5-libs
1.18.2-8.3.el8_4
krb5-pkinit
1.18.2-8.3.el8_4
krb5-server
1.18.2-8.3.el8_4
krb5-server-ldap
1.18.2-8.3.el8_4
krb5-workstation
1.18.2-8.3.el8_4
libkadm5
1.18.2-8.3.el8_4
Oracle Linux x86_64
krb5-devel
1.18.2-8.3.el8_4
krb5-libs
1.18.2-8.3.el8_4
krb5-pkinit
1.18.2-8.3.el8_4
krb5-server
1.18.2-8.3.el8_4
krb5-server-ldap
1.18.2-8.3.el8_4
krb5-workstation
1.18.2-8.3.el8_4
libkadm5
1.18.2-8.3.el8_4
Связанные CVE
Связанные уязвимости
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before ...