Univention Bugzilla – Bug 52325
krb5: Multiple issues (4.4)
Last modified: 2020-11-11 17:03:47 CET
New Debian krb5 1.15-1+deb9u2 fixes:

This update addresses the following issue:

* MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. (CVE-2020-28196)
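The recursion the CVE text describes, as an added example that is not krb5's, Debian's or Univention's code: a toy BER walker that follows indefinite-length constructed values (length octet 0x80, closed by the end-of-contents octets 00 00) and applies the kind of depth bound the fix introduces. MAX_DEPTH, the function names and the constructed nested input are this example's assumptions, not values from the upstream change.

```c
/* Added example, not krb5 code. Only short-form definite lengths are
 * accepted; MAX_DEPTH is this example's choice, not the upstream value. */
#include <stddef.h>
#include <stdint.h>
#define MAX_DEPTH 8

enum { BER_TRUNCATED = -1, BER_TOO_DEEP = -2, BER_BAD_LEN = -3 };

/* Walk one element at buf[0..len). Returns octets consumed or a BER_* error. */
static long ber_walk(const uint8_t *buf, size_t len, int depth)
{
    if (len < 2) return BER_TRUNCATED;
    uint8_t tag = buf[0], lb = buf[1];
    size_t pos = 2;
    if (lb != 0x80) {                            /* short-form definite length */
        if (lb >= 0x80 || len - pos < lb) return BER_BAD_LEN;
        return (long)(pos + lb);                 /* contents not descended here */
    }
    if (!(tag & 0x20)) return BER_BAD_LEN;       /* primitives may not be indefinite */
    if (depth >= MAX_DEPTH) return BER_TOO_DEEP; /* the bound the fix introduces */
    for (;;) {                                   /* children until 00 00 */
        if (len - pos < 2) return BER_TRUNCATED;
        if (buf[pos] == 0 && buf[pos + 1] == 0) return (long)(pos + 2);
        long n = ber_walk(buf + pos, len - pos, depth + 1);
        if (n < 0) return n;                     /* propagate the first error */
        pos += (size_t)n;
    }
}

/* Constructed input: `levels` nested indefinite-length SEQUENCEs (30 80 ... 00 00). */
static size_t make_nested(uint8_t *out, size_t cap, int levels)
{
    size_t n = 0;
    if (levels < 1 || cap < (size_t)levels * 4) return 0;
    for (int i = 0; i < levels; i++) { out[n++] = 0x30; out[n++] = 0x80; }
    for (int i = 0; i < levels; i++) { out[n++] = 0x00; out[n++] = 0x00; }
    return n;
}

/* Walk a `levels`-deep nest; returns octets consumed or the BER_* error. */
long check_depth(int levels)
{
    uint8_t buf[512];
    size_t n = make_nested(buf, sizeof buf, levels);
    return n ? ber_walk(buf, n, 0) : BER_BAD_LEN;
}
```

Without the `depth >= MAX_DEPTH` line, `check_depth` recurses once per nesting level, so the stack consumed is chosen by whoever built the message.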
--- mirror/ftp/4.3/unmaintained/4.3-0/source/krb5_1.15-1+deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-6/source/krb5_1.15-1+deb9u2.dsc @@ -1,3 +1,9 @@ +1.15-1+deb9u2 [Sat, 07 Nov 2020 12:28:14 +0000] Chris Lamb <lamby@debian.org>: + + * CVE-2020-28196: Prevent an issue where the lack of a limit in the ASN.1 + decoder could lead to infinite recursion and allow an attacker to overrun + the stack and cause the process to crash. (Closes: #973880) + 1.15-1+deb9u1 [Wed, 09 Aug 2017 12:19:50 -0400] Sam Hartman <hartmans@debian.org>: * CVE-2017-11368: Remote authenticated attackers can crash the KDC, <http://10.200.17.11/4.4-6/#6694625248026543905>
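Review bot: the changelog entry records the fix only by its effect ("the lack of a limit in the ASN.1 decoder could lead to infinite recursion") and the hunk carries no source change, so neither the depth bound actually applied nor the upstream commit it was backported from can be checked from this patch; add the upstream reference and the chosen limit to the entry, and name the file the CVE text points at (lib/krb5/asn.1/asn1_encode.c) so the bound can be reviewed against the decoder it guards.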
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-6] 5784408086 Bug #52325: yaml
 doc/errata/staging/krb5.yaml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x798>