Описание
Security update for krb5
This update for krb5 fixes several issues.
This security issue was fixed:
- CVE-2017-11462: Prevent automatic security context deletion to prevent double-free (bsc#1056995)
These non-security issues were fixed:
- Set 'rdns' and 'dns_canonicalize_hostname' to false in krb5.conf in order to improve client security in handling service principle names. (bsc#1054028)
- Prevent kadmind.service startup failure caused by absence of LDAP service. (bsc#903543)
- Remove main package's dependency on systemd (bsc#1032680)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
krb5-1.12.5-40.13.1
krb5-32bit-1.12.5-40.13.1
krb5-client-1.12.5-40.13.1
SUSE Linux Enterprise Desktop 12 SP3
krb5-1.12.5-40.13.1
krb5-32bit-1.12.5-40.13.1
krb5-client-1.12.5-40.13.1
SUSE Linux Enterprise Server 12 SP2
krb5-1.12.5-40.13.1
krb5-32bit-1.12.5-40.13.1
krb5-client-1.12.5-40.13.1
krb5-doc-1.12.5-40.13.1
krb5-plugin-kdb-ldap-1.12.5-40.13.1
krb5-plugin-preauth-otp-1.12.5-40.13.1
krb5-plugin-preauth-pkinit-1.12.5-40.13.1
krb5-server-1.12.5-40.13.1
SUSE Linux Enterprise Server 12 SP3
krb5-1.12.5-40.13.1
krb5-32bit-1.12.5-40.13.1
krb5-client-1.12.5-40.13.1
krb5-doc-1.12.5-40.13.1
krb5-plugin-kdb-ldap-1.12.5-40.13.1
krb5-plugin-preauth-otp-1.12.5-40.13.1
krb5-plugin-preauth-pkinit-1.12.5-40.13.1
krb5-server-1.12.5-40.13.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
krb5-1.12.5-40.13.1
krb5-client-1.12.5-40.13.1
krb5-doc-1.12.5-40.13.1
krb5-plugin-kdb-ldap-1.12.5-40.13.1
krb5-plugin-preauth-otp-1.12.5-40.13.1
krb5-plugin-preauth-pkinit-1.12.5-40.13.1
krb5-server-1.12.5-40.13.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
krb5-1.12.5-40.13.1
krb5-32bit-1.12.5-40.13.1
krb5-client-1.12.5-40.13.1
krb5-doc-1.12.5-40.13.1
krb5-plugin-kdb-ldap-1.12.5-40.13.1
krb5-plugin-preauth-otp-1.12.5-40.13.1
krb5-plugin-preauth-pkinit-1.12.5-40.13.1
krb5-server-1.12.5-40.13.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
krb5-1.12.5-40.13.1
krb5-32bit-1.12.5-40.13.1
krb5-client-1.12.5-40.13.1
krb5-doc-1.12.5-40.13.1
krb5-plugin-kdb-ldap-1.12.5-40.13.1
krb5-plugin-preauth-otp-1.12.5-40.13.1
krb5-plugin-preauth-pkinit-1.12.5-40.13.1
krb5-server-1.12.5-40.13.1
SUSE Linux Enterprise Software Development Kit 12 SP2
krb5-devel-1.12.5-40.13.1
SUSE Linux Enterprise Software Development Kit 12 SP3
krb5-devel-1.12.5-40.13.1
Ссылки
- Link for SUSE-SU-2017:2659-1
- E-Mail link for SUSE-SU-2017:2659-1
- SUSE Security Ratings
- SUSE Bug 1032680
- SUSE Bug 1054028
- SUSE Bug 1056995
- SUSE Bug 903543
- SUSE CVE CVE-2017-11462 page
Описание
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:krb5-1.12.5-40.13.1
SUSE Linux Enterprise Desktop 12 SP2:krb5-32bit-1.12.5-40.13.1
SUSE Linux Enterprise Desktop 12 SP2:krb5-client-1.12.5-40.13.1
SUSE Linux Enterprise Desktop 12 SP3:krb5-1.12.5-40.13.1
Ссылки
- CVE-2017-11462
- SUSE Bug 1056995
- SUSE Bug 1122468