krb5-1.15.1-51.el7

エラータID: AXSA:2021-2558:03

Release date: 
Wednesday, November 24, 2021 - 01:31
Subject: 
krb5-1.15.1-51.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):

* krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field (CVE-2021-37750)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2021-37750
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.

Solution: 

Update packages.

CVEs: 
CVE-2021-37750
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
Additional Info: 

N/A

Download: 

SRPMS
  1. krb5-1.15.1-51.el7.src.rpm
    MD5: 16a693afd6b85aeccb01a94fadb71e74
    SHA-256: 3e1d344b7bf271b9447ec4ed493f3a5817e4f53c49791887d9a1196f27e5a0f3
    Size: 11.01 MB

Asianux Server 7 for x86_64
  1. krb5-devel-1.15.1-51.el7.x86_64.rpm
    MD5: c113e713ea8589028dbc55319b2f159b
    SHA-256: 7c1a9c147460590cfc8786a237be781b32f3221da7fdc276a5b6f204d67c0e8f
    Size: 272.01 kB
  2. krb5-libs-1.15.1-51.el7.x86_64.rpm
    MD5: 1f16204590d3023bba293aa236e812c7
    SHA-256: ee41e5581b8baa5cce3edbd38d940f8570d485634d820a0d75b953415278e2eb
    Size: 808.34 kB
  3. krb5-pkinit-1.15.1-51.el7.x86_64.rpm
    MD5: 72a616a6c96fbd4458336a74f808d6b0
    SHA-256: 7b164f2e258ce9b8c3159a068e978d2baec28301ca9b800b51c4e98153c85d06
    Size: 165.71 kB
  4. krb5-server-1.15.1-51.el7.x86_64.rpm
    MD5: 3a15c9400646a6bb4ac9022aef3d9015
    SHA-256: defa3161dc953d8cf04602abdc2c03bf14d4c0db065a3bda7af8dbd75a9651ee
    Size: 1.02 MB
  5. krb5-server-ldap-1.15.1-51.el7.x86_64.rpm
    MD5: c839c84cd449920ba1e626e9308f8e2a
    SHA-256: d257df9176980cc2447dd40e7491e01e4510436f95d20de2f665aad46b8174fa
    Size: 194.19 kB
  6. krb5-workstation-1.15.1-51.el7.x86_64.rpm
    MD5: 2daf64da68d808e45b423b5f9330671d
    SHA-256: f0b3efd362fef31b9a4c642ddc5b63f54a9f2500ef8137a4e5f505eb97854766
    Size: 819.49 kB
  7. libkadm5-1.15.1-51.el7.x86_64.rpm
    MD5: 350cefe65ba1c9af9ac74ad190a68932
    SHA-256: 2d791f81ad1987807ffe97ca862f56e0211518e3ac6bf0280bd5ad34693c6928
    Size: 178.30 kB
  8. krb5-devel-1.15.1-51.el7.i686.rpm
    MD5: edf9021665b872e5cebf3dbfccd7d7da
    SHA-256: e7993e712bc6b113f9cdd35206a2f55398d13461bd1f09e883aeacc5700abc12
    Size: 271.21 kB
  9. krb5-libs-1.15.1-51.el7.i686.rpm
    MD5: 036cdc52f7389e100843d3f7086957ea
    SHA-256: 8cb0d3a8e05287058fbdfac8b446cb0f49e480a205283e245eac85320c2a6e51
    Size: 810.17 kB
  10. libkadm5-1.15.1-51.el7.i686.rpm
    MD5: aec7f5da2fbbcccd0b7f6685012d7630
    SHA-256: 7526a559f4991838e2ff467fd3532d3acb84fb8fc03eb40d11af9cdd4e49efc7
    Size: 178.75 kB