AXSA:2021-1843:01

Release date: Tuesday, June 8, 2021 - 09:55
Subject: krb5-1.18.2-8.el8
Affected Channels: Asianux Server 8 for x86_64
Severity: Moderate
Description: 

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):

* krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS (CVE-2020-28196)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 8.4 Release Notes linked from the References section.

CVE-2020-28196
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
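
The missing control described above, shown as an added example that is not the krb5 source or its patch: a BER element scanner that recurses only for indefinite lengths and refuses to go past a fixed depth. The names ber_skip and build_nested, the error codes, and the limit of 32 are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BER_MAX_DEPTH 32 /* assumed limit for this example */
enum { BER_OK = 0, BER_TRUNCATED = -1, BER_BAD = -2, BER_TOO_DEEP = -3 };

/* Find the encoded size of the BER element at buf[0..len). Only the
 * indefinite-length form recurses, so that is where depth is checked. */
int ber_skip(const uint8_t *buf, size_t len, int depth, size_t *used)
{
    size_t pos = 2, clen = 0, n = 0;
    if (len < 2) return BER_TRUNCATED;
    if ((buf[0] & 0x1f) == 0x1f) return BER_BAD; /* high-tag form: not handled here */
    if (buf[1] == 0x80) {                        /* indefinite length */
        if (!(buf[0] & 0x20)) return BER_BAD;    /* must be constructed */
        if (depth >= BER_MAX_DEPTH) return BER_TOO_DEEP;
        for (;;) {
            if (len - pos < 2) return BER_TRUNCATED;
            if (buf[pos] == 0 && buf[pos + 1] == 0) break; /* end-of-contents */
            int r = ber_skip(buf + pos, len - pos, depth + 1, &n);
            if (r != BER_OK) return r;
            pos += n;
        }
        *used = pos + 2;
        return BER_OK;
    }
    if (buf[1] & 0x80) {                         /* long definite form */
        size_t k = buf[1] & 0x7f;
        if (k > sizeof(size_t)) return BER_BAD;
        if (len - pos < k) return BER_TRUNCATED;
        while (k--) clen = (clen << 8) | buf[pos++];
    } else {
        clen = buf[1];                           /* short definite form */
    }
    if (clen > len - pos) return BER_TRUNCATED;  /* contents must fit the buffer */
    *used = pos + clen;
    return BER_OK;
}

/* Constructed sample: `levels` nested indefinite-length SEQUENCEs. */
size_t build_nested(uint8_t *out, size_t levels)
{
    for (size_t i = 0; i < levels; i++) { out[2 * i] = 0x30; out[2 * i + 1] = 0x80; }
    memset(out + 2 * levels, 0, 2 * levels);     /* one end-of-contents pair per level */
    return 4 * levels;
}
```

Without the depth check, the stack use of ber_skip grows with the nesting the sender chooses; with it, input nested beyond the limit is rejected after a bounded number of frames.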

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. krb5-1.18.2-8.el8.src.rpm
    MD5: bfb48c77728946b9a5019a49ccc84961
    SHA-256: 2e68f2205071d86988f465d3351c45befcfb0bcc70103c606760b71c2aa11aae
    Size: 9.80 MB

Asianux Server 8 for x86_64
  1. krb5-devel-1.18.2-8.el8.x86_64.rpm
    MD5: 55d4667b6015506a01af1eb01e6521a3
    SHA-256: c10d5d26f91ac7c089aba0768d7001f483ae6dce5892425e34b2a6606216a7d3
    Size: 557.95 kB
  2. krb5-libs-1.18.2-8.el8.x86_64.rpm
    MD5: 94f93d67d757a565040da9b7021f68f2
    SHA-256: a63b896ee9fbdf043c26db1cd978a3a4671c1b699c8e2634fa747d44312fab2a
    Size: 837.03 kB
  3. krb5-pkinit-1.18.2-8.el8.x86_64.rpm
    MD5: b9c37a1bbe338b3fe714a01362351ff6
    SHA-256: c039b64e1cad5e24d0aa6d54bb4e19a2f023cc11ec84780d9a1672392cc96095
    Size: 173.27 kB
  4. krb5-server-1.18.2-8.el8.x86_64.rpm
    MD5: c2e4d778d23f470d233a698974d92b1c
    SHA-256: bf01b8b00cb7382655f8f0ee8b3d582a0d2d2bca36405572314d6bbbd04fd21a
    Size: 1.07 MB
  5. krb5-server-ldap-1.18.2-8.el8.x86_64.rpm
    MD5: e6db9ea758d8effc0c6fd75293308515
    SHA-256: 0ef6f573594b40d8c50896573dda9373ca800957799cc6b1d10c6f4643a4f97a
    Size: 203.31 kB
  6. krb5-workstation-1.18.2-8.el8.x86_64.rpm
    MD5: 9e5ff33d03caac170132c86327a675b7
    SHA-256: 30dd5e6353044c0cf8fe28044079a304d2d609904146ddc49d88bc0e18e1e2de
    Size: 954.64 kB
  7. libkadm5-1.18.2-8.el8.x86_64.rpm
    MD5: 15ee511dad5a4c937298d146e0d532c5
    SHA-256: 724898c4d291203a96bbc2ffc3b60325da8aaea33fc17f8bd30efc9d30fe1e5d
    Size: 184.87 kB
  8. krb5-devel-1.18.2-8.el8.i686.rpm
    MD5: e1268bcd5c9940f19da9eeda865de27d
    SHA-256: 712a04a4d9d8253a8cecfad228712b9fe5a99b43278ba84f0ed5b32b0a9549dc
    Size: 557.60 kB
  9. krb5-libs-1.18.2-8.el8.i686.rpm
    MD5: 7ffd584857f4e971428ddf81809da90a
    SHA-256: 35fb9dc8905dd4e841024923ec5106887c8244749d8dd2eac2de0e28903c8c43
    Size: 898.04 kB
  10. krb5-pkinit-1.18.2-8.el8.i686.rpm
    MD5: 03556b91b0ee6ec350f4ed25c8df1dda
    SHA-256: 3bf7f6296d0e257f51f6717e49f97a23013600397814b6823281982f3eeddcc5
    Size: 178.73 kB
  11. krb5-server-1.18.2-8.el8.i686.rpm
    MD5: 0d993892ad879e1f646111aa64063f35
    SHA-256: a842fe2f412afcdcd400f5cce8277a93db7c4a0b2297f9dd68da4ad7db1a858d
    Size: 1.09 MB
  12. krb5-server-ldap-1.18.2-8.el8.i686.rpm
    MD5: bd4f40cd79ba4adbc1f9472992123c63
    SHA-256: 0695e71fc212cdc5854a8bbeb7209d56e247609ae3fd177dff6fb6ed60918a57
    Size: 209.02 kB
  13. libkadm5-1.18.2-8.el8.i686.rpm
    MD5: a09974308ffd89e26a1b0dc55e639d95
    SHA-256: 75dda71fbca66e60a67d7717657ea203e124ce9a6cef634697257f53269674e7
    Size: 189.39 kB