Описание
Security update for krb5
krb5 was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-2695: Applications which call gss_inquire_context() on a partially-established SPNEGO context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process crash (bsc#952188).
Список пакетов
SUSE Linux Enterprise Desktop 11 SP3
krb5-1.6.3-133.49.97.1
krb5-32bit-1.6.3-133.49.97.1
krb5-client-1.6.3-133.49.97.1
SUSE Linux Enterprise Desktop 11 SP4
krb5-1.6.3-133.49.97.1
krb5-32bit-1.6.3-133.49.97.1
krb5-client-1.6.3-133.49.97.1
SUSE Linux Enterprise Server 11 SP3
krb5-1.6.3-133.49.97.1
krb5-32bit-1.6.3-133.49.97.1
krb5-apps-clients-1.6.3-133.49.97.1
krb5-apps-servers-1.6.3-133.49.97.1
krb5-client-1.6.3-133.49.97.1
krb5-doc-1.6.3-133.49.97.3
krb5-plugin-kdb-ldap-1.6.3-133.49.97.3
krb5-plugin-preauth-pkinit-1.6.3-133.49.97.3
krb5-server-1.6.3-133.49.97.1
krb5-x86-1.6.3-133.49.97.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
krb5-1.6.3-133.49.97.1
krb5-32bit-1.6.3-133.49.97.1
krb5-apps-clients-1.6.3-133.49.97.1
krb5-apps-servers-1.6.3-133.49.97.1
krb5-client-1.6.3-133.49.97.1
krb5-doc-1.6.3-133.49.97.3
krb5-plugin-kdb-ldap-1.6.3-133.49.97.3
krb5-plugin-preauth-pkinit-1.6.3-133.49.97.3
krb5-server-1.6.3-133.49.97.1
krb5-x86-1.6.3-133.49.97.1
SUSE Linux Enterprise Server 11 SP4
krb5-1.6.3-133.49.97.1
krb5-32bit-1.6.3-133.49.97.1
krb5-apps-clients-1.6.3-133.49.97.1
krb5-apps-servers-1.6.3-133.49.97.1
krb5-client-1.6.3-133.49.97.1
krb5-doc-1.6.3-133.49.97.3
krb5-plugin-kdb-ldap-1.6.3-133.49.97.3
krb5-plugin-preauth-pkinit-1.6.3-133.49.97.3
krb5-server-1.6.3-133.49.97.1
krb5-x86-1.6.3-133.49.97.1
SUSE Linux Enterprise Server for SAP Applications 11 SP3
krb5-1.6.3-133.49.97.1
krb5-32bit-1.6.3-133.49.97.1
krb5-apps-clients-1.6.3-133.49.97.1
krb5-apps-servers-1.6.3-133.49.97.1
krb5-client-1.6.3-133.49.97.1
krb5-doc-1.6.3-133.49.97.3
krb5-plugin-kdb-ldap-1.6.3-133.49.97.3
krb5-plugin-preauth-pkinit-1.6.3-133.49.97.3
krb5-server-1.6.3-133.49.97.1
krb5-x86-1.6.3-133.49.97.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
krb5-1.6.3-133.49.97.1
krb5-32bit-1.6.3-133.49.97.1
krb5-apps-clients-1.6.3-133.49.97.1
krb5-apps-servers-1.6.3-133.49.97.1
krb5-client-1.6.3-133.49.97.1
krb5-doc-1.6.3-133.49.97.3
krb5-plugin-kdb-ldap-1.6.3-133.49.97.3
krb5-plugin-preauth-pkinit-1.6.3-133.49.97.3
krb5-server-1.6.3-133.49.97.1
krb5-x86-1.6.3-133.49.97.1
SUSE Linux Enterprise Software Development Kit 11 SP3
krb5-devel-1.6.3-133.49.97.1
krb5-devel-32bit-1.6.3-133.49.97.1
krb5-server-1.6.3-133.49.97.1
SUSE Linux Enterprise Software Development Kit 11 SP4
krb5-devel-1.6.3-133.49.97.1
krb5-devel-32bit-1.6.3-133.49.97.1
krb5-server-1.6.3-133.49.97.1
Ссылки
- Link for SUSE-SU-2015:1898-1
- E-Mail link for SUSE-SU-2015:1898-1
- SUSE Security Ratings
- SUSE Bug 952188
- SUSE CVE CVE-2015-2695 page
Описание
lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.
Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:krb5-1.6.3-133.49.97.1
SUSE Linux Enterprise Desktop 11 SP3:krb5-32bit-1.6.3-133.49.97.1
SUSE Linux Enterprise Desktop 11 SP3:krb5-client-1.6.3-133.49.97.1
SUSE Linux Enterprise Desktop 11 SP4:krb5-1.6.3-133.49.97.1
Ссылки
- CVE-2015-2695
- SUSE Bug 770172
- SUSE Bug 952188
- SUSE Bug 969771