Описание
ELSA-2021-9294: krb5 security update (IMPORTANT)
[1.15.1-50.0.1]
- Add recursion limit for ASN.1 indefinite lengths [Orabug: 32582360]
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
krb5-devel
1.15.1-50.0.1.el7
krb5-libs
1.15.1-50.0.1.el7
krb5-pkinit
1.15.1-50.0.1.el7
krb5-server
1.15.1-50.0.1.el7
krb5-server-ldap
1.15.1-50.0.1.el7
krb5-workstation
1.15.1-50.0.1.el7
libkadm5
1.15.1-50.0.1.el7
Oracle Linux x86_64
krb5-devel
1.15.1-50.0.1.el7
krb5-libs
1.15.1-50.0.1.el7
krb5-pkinit
1.15.1-50.0.1.el7
krb5-server
1.15.1-50.0.1.el7
krb5-server-ldap
1.15.1-50.0.1.el7
krb5-workstation
1.15.1-50.0.1.el7
libkadm5
1.15.1-50.0.1.el7
Связанные CVE
Связанные уязвимости
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allow ...