Описание
Security update for krb5
This update for krb5 fixes the following security issue:
- CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message (bsc#1178512).
Список пакетов
Container caasp/v4/nginx-ingress-controller:beta1
krb5-1.12.5-40.40.2
Container suse/sles12sp3:latest
krb5-1.12.5-40.40.2
Container suse/sles12sp4:latest
krb5-1.12.5-40.40.2
HPE Helion OpenStack 8
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
Image SLES12-SP4-Azure-BYOS
krb5-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP4-EC2-HVM-BYOS
krb5-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP4-GCE-BYOS
krb5-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP4-OCI-BYOS
krb5-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP4-SAP-Azure
krb5-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP4-SAP-Azure-BYOS
krb5-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP4-SAP-EC2-HVM
krb5-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP4-SAP-EC2-HVM-BYOS
krb5-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP4-SAP-GCE
krb5-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP4-SAP-GCE-BYOS
krb5-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP4-SAP-OCI-BYOS
krb5-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP5-OCI-BYOS-BYOS
krb5-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
Image SLES12-SP5-OCI-BYOS-SAP-BYOS
krb5-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
SUSE Enterprise Storage 5
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE Linux Enterprise Server 12 SP2-BCL
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE Linux Enterprise Server 12 SP2-LTSS
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE Linux Enterprise Server 12 SP3-BCL
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE Linux Enterprise Server 12 SP3-LTSS
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE Linux Enterprise Server 12 SP4-LTSS
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE Linux Enterprise Server 12 SP5
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE Linux Enterprise Server for SAP Applications 12 SP2
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE Linux Enterprise Server for SAP Applications 12 SP4
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE Linux Enterprise Server for SAP Applications 12 SP5
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE Linux Enterprise Software Development Kit 12 SP5
krb5-devel-1.12.5-40.40.2
SUSE OpenStack Cloud 7
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE OpenStack Cloud 8
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE OpenStack Cloud 9
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE OpenStack Cloud Crowbar 8
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
SUSE OpenStack Cloud Crowbar 9
krb5-1.12.5-40.40.2
krb5-32bit-1.12.5-40.40.2
krb5-client-1.12.5-40.40.2
krb5-doc-1.12.5-40.40.2
krb5-plugin-kdb-ldap-1.12.5-40.40.2
krb5-plugin-preauth-otp-1.12.5-40.40.2
krb5-plugin-preauth-pkinit-1.12.5-40.40.2
krb5-server-1.12.5-40.40.2
Ссылки
- Link for SUSE-SU-2020:3379-1
- E-Mail link for SUSE-SU-2020:3379-1
- SUSE Security Ratings
- SUSE Bug 1178512
- SUSE CVE CVE-2020-28196 page
Описание
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
Затронутые продукты
Container caasp/v4/nginx-ingress-controller:beta1:krb5-1.12.5-40.40.2
Container suse/sles12sp3:latest:krb5-1.12.5-40.40.2
Container suse/sles12sp4:latest:krb5-1.12.5-40.40.2
HPE Helion OpenStack 8:krb5-1.12.5-40.40.2
Ссылки
- CVE-2020-28196
- SUSE Bug 1178512
- SUSE Bug 1183911