Описание
Security update for krb5
This update for krb5 fixes several issues.
This security issue was fixed:
- CVE-2017-11462: Prevent automatic security context deletion to prevent double-free (bsc#1056995)
These non-security issues were fixed:
- Set 'rdns' and 'dns_canonicalize_hostname' to false in krb5.conf in order to improve client security in handling service principle names. (bsc#1054028)
- Prevent kadmind.service startup failure caused by absence of LDAP service. (bsc#903543)
- Remove main package's dependency on systemd (bsc#1032680)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Список пакетов
openSUSE Leap 42.2
krb5-1.12.5-9.1
krb5-32bit-1.12.5-9.1
krb5-client-1.12.5-9.1
krb5-devel-1.12.5-9.1
krb5-devel-32bit-1.12.5-9.1
krb5-doc-1.12.5-9.1
krb5-mini-1.12.5-9.1
krb5-mini-devel-1.12.5-9.1
krb5-plugin-kdb-ldap-1.12.5-9.1
krb5-plugin-preauth-otp-1.12.5-9.1
krb5-plugin-preauth-pkinit-1.12.5-9.1
krb5-server-1.12.5-9.1
openSUSE Leap 42.3
krb5-1.12.5-9.1
krb5-32bit-1.12.5-9.1
krb5-client-1.12.5-9.1
krb5-devel-1.12.5-9.1
krb5-devel-32bit-1.12.5-9.1
krb5-doc-1.12.5-9.1
krb5-mini-1.12.5-9.1
krb5-mini-devel-1.12.5-9.1
krb5-plugin-kdb-ldap-1.12.5-9.1
krb5-plugin-preauth-otp-1.12.5-9.1
krb5-plugin-preauth-pkinit-1.12.5-9.1
krb5-server-1.12.5-9.1
Ссылки
- E-Mail link for openSUSE-SU-2017:2712-1
- SUSE Security Ratings
Описание
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.
Затронутые продукты
openSUSE Leap 42.2:krb5-1.12.5-9.1
openSUSE Leap 42.2:krb5-32bit-1.12.5-9.1
openSUSE Leap 42.2:krb5-client-1.12.5-9.1
openSUSE Leap 42.2:krb5-devel-1.12.5-9.1
Ссылки
- CVE-2017-11462
- SUSE Bug 1056995
- SUSE Bug 1122468