
[SECURITY] [DLA 1643-1] krb5 security update




Package        : krb5
Version        : 1.12.1+dfsg-19+deb8u5
CVE ID         : CVE-2018-5729 CVE-2018-5730 CVE-2018-20217


krb5, an MIT Kerberos implementation, had several flaws in LDAP DN checking that could be used to circumvent a DN containership check by supplying special parameters to some calls.
Furthermore, an attacker could crash the KDC by making S4U2Self requests.


For Debian 8 "Jessie", these problems have been fixed in version 1.12.1+dfsg-19+deb8u5.

We recommend that you upgrade your krb5 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


