krb5-1.18.2-29.el8_10
エラータID: AXSA:2024-8657:03
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).
Security Fix(es):
* krb5: GSS message token handling (CVE-2024-37371)
* krb5: GSS message token handling (CVE-2024-37370)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2024-37370
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.
CVE-2024-37371
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
Update packages.
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
N/A
SRPMS
- krb5-1.18.2-29.el8_10.src.rpm
MD5: c8a68fec975b3cf757770b83bc888dc4
SHA-256: 4f12e949d3b020e5177ebe193052966f69201c421c8e2c4dae51e0ffd52613a8
Size: 9.88 MB
Asianux Server 8 for x86_64
- krb5-devel-1.18.2-29.el8_10.i686.rpm
MD5: 37550364284bc40265c4623b42af344b
SHA-256: 42c50446b46655980e7b0c870d7c1daf8458b5233ab92a8f0950bf65f6834e95
Size: 561.12 kB - krb5-devel-1.18.2-29.el8_10.x86_64.rpm
MD5: 76fe241f45ba5e8352cb38cbd92cec46
SHA-256: d2e0f7753f06140f0c28bfc14570a0fea1450d24728a9c11c5a5372740afcd83
Size: 561.38 kB - krb5-libs-1.18.2-29.el8_10.i686.rpm
MD5: b194401bf32fe005921db45ff34f0b47
SHA-256: 04910ee58d1b95d3b351eaeb4eb118f0f0e637832e623fcb887b6d2422c6fdc9
Size: 900.75 kB - krb5-libs-1.18.2-29.el8_10.x86_64.rpm
MD5: 299091152b666292b8e631fe3a1c8891
SHA-256: 9362ff9807fa19bab1b4eedf781dc30634b762f7b85ac9203e8d5a8f0e425395
Size: 842.50 kB - krb5-pkinit-1.18.2-29.el8_10.i686.rpm
MD5: 4b3865c15df14cef753051e77f84cd91
SHA-256: 370e2c7a8a17d606170ba13224ec0c8ebf372ab4f6cfe7e56031bb9e5c01fe2e
Size: 181.12 kB - krb5-pkinit-1.18.2-29.el8_10.x86_64.rpm
MD5: f6b53082929f0603d7731172d74ca067
SHA-256: adc4211f82961ade2fa22df599a77a34fc7b50396afc66b4a5558cb45e7874aa
Size: 175.75 kB - krb5-server-1.18.2-29.el8_10.i686.rpm
MD5: 2f4cf4d150804891ea32cf772980a860
SHA-256: 34ad58dc3c87883e811276882434699a18ea52ac95a6cad27c7914dd0a41f3a4
Size: 1.09 MB - krb5-server-1.18.2-29.el8_10.x86_64.rpm
MD5: 6c3336527d244e18c8dd5ec3bea7f90d
SHA-256: ea3a2fb3a348d2894fdbbfb7c6b2bda772ad0972d9208b0c1df2881931d3ee33
Size: 1.07 MB - krb5-server-ldap-1.18.2-29.el8_10.i686.rpm
MD5: 571c732ab8a3e31b58f19581d4138199
SHA-256: c6d37390f30c2918ba7f0111266e5d65c84f83b02cd363da9c6f9592786505fe
Size: 211.56 kB - krb5-server-ldap-1.18.2-29.el8_10.x86_64.rpm
MD5: 0976f7d7cd95c8432e803d88243e5260
SHA-256: 7ff6b297b98b6e650a5f0d285c8658c72353b1ba300292127ec1fb365bd2993b
Size: 205.80 kB - krb5-workstation-1.18.2-29.el8_10.x86_64.rpm
MD5: 0c7b647c69ef1311c315df2b587ec48e
SHA-256: 30b28b837fc065b56e7476a1d440c2e75b34b31a463354e4d58b79520d3ef795
Size: 957.70 kB - libkadm5-1.18.2-29.el8_10.i686.rpm
MD5: 1e374fb20947b3763436ea30764d2ef6
SHA-256: 3c8d55b587bee0e31727ac9b910c5b62c1953fc7aff46e7a60cda31ccbddf396
Size: 191.62 kB - libkadm5-1.18.2-29.el8_10.x86_64.rpm
MD5: 8a411c56abe40f0d31a5880c77973243
SHA-256: 9f7eb1650ba97e13b29838477d6c0aa47e7e6ac875510b29d5779a12dddbac3d
Size: 187.32 kB
日本語