openSUSE-SU-2021:3454-1

Опубликовано: 18 окт. 2021

Источник: suse-cvrf

Описание

Security update for krb5

This update for krb5 fixes the following issues:

CVE-2021-37750: Fixed KDC null pointer dereference via a FAST inner body that lacks a server field (bsc#1189929).

Список пакетов

openSUSE Leap 15.3

krb5-1.16.3-3.24.1

krb5-32bit-1.16.3-3.24.1

krb5-client-1.16.3-3.24.1

krb5-devel-1.16.3-3.24.1

krb5-devel-32bit-1.16.3-3.24.1

krb5-plugin-kdb-ldap-1.16.3-3.24.1

krb5-plugin-preauth-otp-1.16.3-3.24.1

krb5-plugin-preauth-pkinit-1.16.3-3.24.1

krb5-server-1.16.3-3.24.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4LN5FUC4TZVB7GKLTDOBR7UQD6W4262A/
E-Mail link for openSUSE-SU-2021:3454-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1189929
SUSE Bug 1189929
https://www.suse.com/security/cve/CVE-2021-37750/
SUSE CVE CVE-2021-37750 page

Описание

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.

Затронутые продукты

openSUSE Leap 15.3:krb5-1.16.3-3.24.1

openSUSE Leap 15.3:krb5-32bit-1.16.3-3.24.1

openSUSE Leap 15.3:krb5-client-1.16.3-3.24.1

openSUSE Leap 15.3:krb5-devel-1.16.3-3.24.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-37750.html
CVE-2021-37750
https://bugzilla.suse.com/1189929
SUSE Bug 1189929

openSUSE-SU-2021:3454-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2021-37750

Описание

Затронутые продукты

Ссылки