SUSE-SU-2024:0999-1

Опубликовано: 26 мар. 2024

Источник: suse-cvrf

Описание

Security update for krb5

This update for krb5 fixes the following issues:

CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770).
CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771).

Список пакетов

Container suse/sle15:15.2

krb5-1.16.3-150100.3.33.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

krb5-1.16.3-150100.3.33.1

krb5-32bit-1.16.3-150100.3.33.1

krb5-client-1.16.3-150100.3.33.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

krb5-1.16.3-150100.3.33.1

krb5-32bit-1.16.3-150100.3.33.1

krb5-client-1.16.3-150100.3.33.1

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

krb5-1.16.3-150100.3.33.1

krb5-32bit-1.16.3-150100.3.33.1

krb5-client-1.16.3-150100.3.33.1

krb5-devel-1.16.3-150100.3.33.1

krb5-plugin-kdb-ldap-1.16.3-150100.3.33.1

krb5-plugin-preauth-otp-1.16.3-150100.3.33.1

krb5-plugin-preauth-pkinit-1.16.3-150100.3.33.1

krb5-server-1.16.3-150100.3.33.1

SUSE Linux Enterprise Server 15 SP2-LTSS

krb5-1.16.3-150100.3.33.1

krb5-32bit-1.16.3-150100.3.33.1

krb5-client-1.16.3-150100.3.33.1

krb5-devel-1.16.3-150100.3.33.1

krb5-plugin-kdb-ldap-1.16.3-150100.3.33.1

krb5-plugin-preauth-otp-1.16.3-150100.3.33.1

krb5-plugin-preauth-pkinit-1.16.3-150100.3.33.1

krb5-server-1.16.3-150100.3.33.1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

krb5-1.16.3-150100.3.33.1

krb5-32bit-1.16.3-150100.3.33.1

krb5-client-1.16.3-150100.3.33.1

krb5-devel-1.16.3-150100.3.33.1

krb5-plugin-kdb-ldap-1.16.3-150100.3.33.1

krb5-plugin-preauth-otp-1.16.3-150100.3.33.1

krb5-plugin-preauth-pkinit-1.16.3-150100.3.33.1

krb5-server-1.16.3-150100.3.33.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20240999-1/
Link for SUSE-SU-2024:0999-1
https://lists.suse.com/pipermail/sle-security-updates/2024-March/018217.html
E-Mail link for SUSE-SU-2024:0999-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1220770
SUSE Bug 1220770
https://bugzilla.suse.com/1220771
SUSE Bug 1220771
https://www.suse.com/security/cve/CVE-2024-26458/
SUSE CVE CVE-2024-26458 page
https://www.suse.com/security/cve/CVE-2024-26461/
SUSE CVE CVE-2024-26461 page

Описание

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.

Затронутые продукты

Container suse/sle15:15.2:krb5-1.16.3-150100.3.33.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:krb5-1.16.3-150100.3.33.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:krb5-32bit-1.16.3-150100.3.33.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:krb5-client-1.16.3-150100.3.33.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-26458.html
CVE-2024-26458
https://bugzilla.suse.com/1220770
SUSE Bug 1220770

Описание

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.

Затронутые продукты

Container suse/sle15:15.2:krb5-1.16.3-150100.3.33.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:krb5-1.16.3-150100.3.33.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:krb5-32bit-1.16.3-150100.3.33.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:krb5-client-1.16.3-150100.3.33.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-26461.html
CVE-2024-26461
https://bugzilla.suse.com/1220770
SUSE Bug 1220770
https://bugzilla.suse.com/1220771
SUSE Bug 1220771

SUSE-SU-2024:0999-1

Описание

Список пакетов

Container suse/sle15:15.2

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

SUSE Linux Enterprise Server 15 SP2-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP2

Ссылки

Уязвимость: CVE-2024-26458

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2024-26461

Описание

Затронутые продукты

Ссылки