Univention Bugzilla – Bug 53866
krb5: Multiple issues (4.4)
Last modified: 2021-10-06 17:05:53 CEST
New Debian krb5 1.15-1+deb9u3 fixes:

This update addresses the following issues:

* null dereference in kadmind or DN container check bypass by supplying specially crafted data (CVE-2018-5729)
* DN container check bypass by supplying specially crafted data (CVE-2018-5730)
* Reachable assertion in the KDC using S4U2Self requests (CVE-2018-20217)
* NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks a server field (CVE-2021-37750)
--- mirror/ftp/4.4/unmaintained/4.4-7/source/krb5_1.15-1+deb9u2.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/krb5_1.15-1+deb9u3.dsc @@ -1,3 +1,10 @@ +1.15-1+deb9u3 [Thu, 30 Sep 2021 16:30:13 +0300] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload by the LTS team. + * CVE-2018-5729, CVE-2018-5730: Fix flaws in LDAP DN checking. + * CVE-2018-20217: Ignore password attributes for S4U2Self requests. + * CVE-2021-37750: Fix KDC null deref on TGS inner body null server. + 1.15-1+deb9u2 [Sat, 07 Nov 2020 12:28:14 +0000] Chris Lamb <lamby@debian.org>: * CVE-2020-28196: Prevent an issue where the lack of a limit in the ASN.1 <http://piuparts.knut.univention.de/4.4-8/#6694625248027626430>
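Review bot: the added changelog line "CVE-2018-5729, CVE-2018-5730: Fix flaws in LDAP DN checking." describes both CVEs only as DN checking flaws, while the bug description above also attributes a null dereference in kadmind to CVE-2018-5729; consider wording the entry so that the kadmind null dereference is mentioned as well, so the changelog and the erratum description agree on what CVE-2018-5729 covers.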
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-8] 14175405a5 Bug #53866: krb5 1.15-1+deb9u3
doc/errata/staging/krb5.yaml | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x1063>