krb5-1.13.2-12.el7
Errata ID: AXSA:2016-190:01
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of sending passwords over the network in unencrypted form.
Security issues fixed with this release:
CVE-2015-8629
The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in
MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does
not verify whether '\0' characters exist as expected, which allows
remote authenticated users to obtain sensitive information or cause a
denial of service (out-of-bounds read) via a crafted string.
CVE-2015-8630
The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal
functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos
5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1
allow remote authenticated users to cause a denial of service (NULL
pointer dereference and daemon crash) by specifying KADM5_POLICY with
a NULL policy name.
CVE-2015-8631
Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in
MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow
remote authenticated users to cause a denial of service (memory
consumption) via a request specifying a NULL principal name.
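The check that the CVE-2015-8629 entry above says is missing, shown as an added example: a simplified decoder for a length-prefixed string, not code from krb5 or from this advisory. The wire format, function name, return codes and sample messages are assumptions made for illustration, and the interior-NUL check goes one step beyond what the advisory text states.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model, not krb5 source. Assumed wire format: 4-byte big-endian
 * length, then that many bytes; the length counts the terminating '\0'.
 * A length of 0 encodes a NULL string. */
enum { DEC_OK = 0, DEC_TRUNCATED = -1, DEC_NO_TERMINATOR = -2,
       DEC_EMBEDDED_NUL = -3, DEC_NOMEM = -4 };
/* On DEC_OK, *out is NULL or a malloc'd C string the caller must free. */
int decode_nullstring(const uint8_t *buf, size_t len, char **out)
{
    uint32_t size;
    *out = NULL;
    if (len < 4)
        return DEC_TRUNCATED;
    size = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
           ((uint32_t)buf[2] << 8) | (uint32_t)buf[3];
    if (size == 0)
        return DEC_OK;
    if (size > len - 4)            /* declared length exceeds the message */
        return DEC_TRUNCATED;
    /* Without these two checks, a caller treating the result as a C string
     * (strlen, strcmp, "%s") reads past the allocation: out-of-bounds read. */
    if (buf[4 + size - 1] != '\0')
        return DEC_NO_TERMINATOR;
    if (memchr(buf + 4, '\0', size - 1) != NULL)
        return DEC_EMBEDDED_NUL;   /* stricter than the page: no interior NUL */
    *out = malloc(size);
    if (*out == NULL)
        return DEC_NOMEM;
    memcpy(*out, buf + 4, size);
    return DEC_OK;
}

/* Constructed sample messages (not captured traffic). */
static const uint8_t MSG_OK[]      = {0, 0, 0, 4, 'a', 'b', 'c', 0};
static const uint8_t MSG_NO_TERM[] = {0, 0, 0, 4, 'a', 'b', 'c', 'd'};
static const uint8_t MSG_EMBED[]   = {0, 0, 0, 4, 'a', 0, 'c', 0};

int main(void)
{
    char *s;
    int bad = decode_nullstring(MSG_NO_TERM, sizeof MSG_NO_TERM, &s) != DEC_NO_TERMINATOR;
    bad |= decode_nullstring(MSG_EMBED, sizeof MSG_EMBED, &s) != DEC_EMBEDDED_NUL;
    bad |= decode_nullstring(MSG_OK, sizeof MSG_OK, &s) != DEC_OK || strcmp(s, "abc") != 0;
    free(s);
    return bad;
}
```

The program exits with status 0 when the well-formed message decodes and both malformed messages are rejected before any string function touches them.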
Security Fix(es):
Update packages.
SRPMS
- krb5-1.13.2-12.el7.src.rpm
MD5: 5ef6531f09b0b6cc5d15bc98bfbfeabc
SHA-256: b4b750a9e93ca221af4dc1c64af9767435de0b8f0313aebf66ebc4b3087e925f
Size: 13.24 MB
Asianux Server 7 for x86_64
- krb5-devel-1.13.2-12.el7.x86_64.rpm
MD5: 80a881be9db621b57f0c4679ead498c1
SHA-256: b98ad06d9de3513efc9130fadd670269829286081cfd3e19dff65d93e5f4a18e
Size: 648.53 kB
- krb5-libs-1.13.2-12.el7.x86_64.rpm
MD5: 7b82c5d287a781659923ca654d192b83
SHA-256: a9aa884de6a13f090c7bf6d01d7bbf27e6b28f6a1989fe37b2a784e61d811625
Size: 842.35 kB
- krb5-server-1.13.2-12.el7.x86_64.rpm
MD5: d8fe560d23e1144e627bba22c258eb58
SHA-256: 4347ffc15c43fd9621ce9a92a3f15df1a520a7e2721abeb84aaee7b25e0e69b1
Size: 919.82 kB
- krb5-server-ldap-1.13.2-12.el7.x86_64.rpm
MD5: 3a9089d693b263d465cbbffe520bbab8
SHA-256: 22f78b1dca76db97d02cbd28cdb3e09348eb3d99b29f6916c824a1bf5c8a1cd7
Size: 181.20 kB
- krb5-workstation-1.13.2-12.el7.x86_64.rpm
MD5: 247a768305e04696a7030f0cc945a0ff
SHA-256: 43ad04a32d1119ccda2d847d7cff71ea9fea501a5ef29679cb7660b2e3aa21cc
Size: 764.43 kB
- krb5-devel-1.13.2-12.el7.i686.rpm
MD5: 1b45f6d9a12af7a408c4b4f6aa571602
SHA-256: 6e798de7fcce791f12e90df67556da1c0d7a2429279943fa05e948a878cab937
Size: 647.48 kB
- krb5-libs-1.13.2-12.el7.i686.rpm
MD5: a5fbd59413cbd7deaf74c02ed7e19e52
SHA-256: 7661030b2cba1b4f4e8625629cab61bb0016069297182968d7b0aeb95405a22f
Size: 836.78 kB