krb5-1.18.2-27.el8

エラータID: AXSA:2024-8170:01

Release date: 
Friday, June 14, 2024 - 20:07
Subject: 
krb5-1.18.2-27.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Low
Description: 

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):

* krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c (CVE-2024-26458)
* krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (CVE-2024-26461)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2024-26458
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.
CVE-2024-26461
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.

Solution: 

Update packages.

CVEs: 
CVE-2024-26458
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.
CVE-2024-26461
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.
Additional Info: 

N/A

Download: 

SRPMS
  1. krb5-1.18.2-27.el8.src.rpm
    MD5: 3361e8f8e5679e0040a5955e0fa5c676
    SHA-256: 18ab3c9a1787ae2c936d7893879164969bf400fa93f2bf61cc28ba95300fa755
    Size: 9.88 MB

Asianux Server 8 for x86_64
  1. krb5-devel-1.18.2-27.el8.i686.rpm
    MD5: 90dc78282dba945daf00eed690706d87
    SHA-256: 973d1722b6feeec900052e123476c669984c7d1c86296c77d38de261ac77a290
    Size: 560.66 kB
  2. krb5-devel-1.18.2-27.el8.x86_64.rpm
    MD5: 4f94a87100212714a5b24509ed6b8399
    SHA-256: 5fa491d50cff7f3ad3f8660f662cb99905b26a58f82aa7c67324e7179865fc5d
    Size: 560.87 kB
  3. krb5-libs-1.18.2-27.el8.i686.rpm
    MD5: 343963b29eadb31c64f5dab7a15e2d95
    SHA-256: 4e2a1005d2da7d182b5c764444fc8d04c8b095284df4b38235bb0350a2b71b71
    Size: 900.19 kB
  4. krb5-libs-1.18.2-27.el8.x86_64.rpm
    MD5: 405b7977243be3eaffedab65e0b213d5
    SHA-256: 40f8bb865b635c29583b5ec8f4b8bf39d3b975209e60ab5da6b019c6f363c137
    Size: 841.69 kB
  5. krb5-pkinit-1.18.2-27.el8.i686.rpm
    MD5: c7f2410368b7ed484b8b31166f5befa1
    SHA-256: 6a08d2f078eefb425735d8cb520f3df74aa552a5d52c54bde53b3b0f070ebb5e
    Size: 180.78 kB
  6. krb5-pkinit-1.18.2-27.el8.x86_64.rpm
    MD5: fa8cf018ef04fae7395717243eee8234
    SHA-256: cefd571cbb183a9196a456c3d2882221e0a8118406bc8406cff0d8f6b251c810
    Size: 175.30 kB
  7. krb5-server-1.18.2-27.el8.i686.rpm
    MD5: e6ab6f8a9457176e354c5105920226cb
    SHA-256: 283f79c62a1c47a6587a432b31bb80a8b80d8ac056249544fbfdf17daa4d412e
    Size: 1.09 MB
  8. krb5-server-1.18.2-27.el8.x86_64.rpm
    MD5: a94d88a5d433809c0703e9690cdff9da
    SHA-256: fcae311e3a6a1b2aa07978847558382710211215ac409c3c38978c887b3bd28a
    Size: 1.07 MB
  9. krb5-server-ldap-1.18.2-27.el8.i686.rpm
    MD5: 76f96c0f59028a1d91bb84688284422b
    SHA-256: eb19b856b8d8c7816f22c8c3057443c34f59b05c5b8f454e9138c85e2e7cfda3
    Size: 211.11 kB
  10. krb5-server-ldap-1.18.2-27.el8.x86_64.rpm
    MD5: bdd5cb661a8e7e15af30aecb3320c1e6
    SHA-256: 91a8144c2dd1843295625ed7013890412e9dc0e9489cc2f0769a5916e7d63a0a
    Size: 205.28 kB
  11. krb5-workstation-1.18.2-27.el8.x86_64.rpm
    MD5: 2e46a41840d1af27589c717768b9c0eb
    SHA-256: a75ff8846e1893b4ff73fc3a6bbb3c8c9508e650e4e427472575f09b47264bdb
    Size: 957.21 kB
  12. libkadm5-1.18.2-27.el8.i686.rpm
    MD5: 3fec2c43c467fb8d3a90578725f4cd7e
    SHA-256: 2dc20fb7704cae78b35fc028bb6ac6930d7ea9e529c6dc783eab3cc141ee57ad
    Size: 191.27 kB
  13. libkadm5-1.18.2-27.el8.x86_64.rpm
    MD5: c93c60b51e2993edc1058fb506b62e2a
    SHA-256: a50a9d777c3d663d731d8a5c2374061988281166604f0a3b175fb52356e875cf
    Size: 186.88 kB