Описание
ELSA-2021-4788: krb5 security update (MODERATE)
[1.15.1-51.0.1]
- Add recursion limit for ASN.1 indefinite lengths [Orabug: 32582360]
[1.15.1-51]
- Fix KDC null deref on TGS inner body null server (CVE-2021-37750)
- Resolves: #1997599
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
krb5-devel
1.15.1-51.0.1.el7_9
krb5-libs
1.15.1-51.0.1.el7_9
krb5-pkinit
1.15.1-51.0.1.el7_9
krb5-server
1.15.1-51.0.1.el7_9
krb5-server-ldap
1.15.1-51.0.1.el7_9
krb5-workstation
1.15.1-51.0.1.el7_9
libkadm5
1.15.1-51.0.1.el7_9
Oracle Linux x86_64
krb5-devel
1.15.1-51.0.1.el7_9
krb5-libs
1.15.1-51.0.1.el7_9
krb5-pkinit
1.15.1-51.0.1.el7_9
krb5-server
1.15.1-51.0.1.el7_9
krb5-server-ldap
1.15.1-51.0.1.el7_9
krb5-workstation
1.15.1-51.0.1.el7_9
libkadm5
1.15.1-51.0.1.el7_9
Связанные CVE
Связанные уязвимости
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before ...