Security update for krb5 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:1997-1 Final 1 1 2015-11-04T17:59:42Z current 2015-11-04T17:59:42Z 2015-11-04T17:59:42Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for krb5 krb5 was updated to fix three security issues. These security issues were fixed: - CVE-2015-2695: Applications which call gss_inquire_context() on a partially-established SPNEGO context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process crash. (bsc#952188). - CVE-2015-2696: Applications which call gss_inquire_context() on a partially-established IAKERB context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process crash. (bsc#952189). - CVE-2015-2697: Incorrect string handling in build_principal_va can lead to DOS (bsc#952190). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html E-Mail link for openSUSE-SU-2015:1997-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 krb5-1.12.1-21.1 krb5-32bit-1.12.1-21.1 krb5-client-1.12.1-21.1 krb5-devel-1.12.1-21.1 krb5-devel-32bit-1.12.1-21.1 krb5-doc-1.12.1-21.1 krb5-mini-1.12.1-21.1 krb5-mini-devel-1.12.1-21.1 krb5-plugin-kdb-ldap-1.12.1-21.1 krb5-plugin-preauth-otp-1.12.1-21.1 krb5-plugin-preauth-pkinit-1.12.1-21.1 krb5-server-1.12.1-21.1 krb5-1.12.1-21.1 as a component of openSUSE Leap 42.1 krb5-32bit-1.12.1-21.1 as a component of openSUSE Leap 42.1 krb5-client-1.12.1-21.1 as a component of openSUSE Leap 42.1 krb5-devel-1.12.1-21.1 as a component of openSUSE Leap 42.1 krb5-devel-32bit-1.12.1-21.1 as a component of openSUSE Leap 42.1 krb5-doc-1.12.1-21.1 as a component of openSUSE Leap 42.1 krb5-mini-1.12.1-21.1 as a component of openSUSE Leap 42.1 krb5-mini-devel-1.12.1-21.1 as a component of openSUSE Leap 42.1 krb5-plugin-kdb-ldap-1.12.1-21.1 as a component of openSUSE Leap 42.1 krb5-plugin-preauth-otp-1.12.1-21.1 as a component of openSUSE Leap 42.1 krb5-plugin-preauth-pkinit-1.12.1-21.1 as a component of openSUSE Leap 42.1 krb5-server-1.12.1-21.1 as a component of openSUSE Leap 42.1 lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call. CVE-2015-2695 openSUSE Leap 42.1:krb5-1.12.1-21.1 openSUSE Leap 42.1:krb5-32bit-1.12.1-21.1 openSUSE Leap 42.1:krb5-client-1.12.1-21.1 openSUSE Leap 42.1:krb5-devel-1.12.1-21.1 openSUSE Leap 42.1:krb5-devel-32bit-1.12.1-21.1 openSUSE Leap 42.1:krb5-doc-1.12.1-21.1 openSUSE Leap 42.1:krb5-mini-1.12.1-21.1 openSUSE Leap 42.1:krb5-mini-devel-1.12.1-21.1 openSUSE Leap 42.1:krb5-plugin-kdb-ldap-1.12.1-21.1 openSUSE Leap 42.1:krb5-plugin-preauth-otp-1.12.1-21.1 openSUSE Leap 42.1:krb5-plugin-preauth-pkinit-1.12.1-21.1 openSUSE Leap 42.1:krb5-server-1.12.1-21.1 important 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html https://www.suse.com/security/cve/CVE-2015-2695.html CVE-2015-2695 https://bugzilla.suse.com/770172 SUSE Bug 770172 https://bugzilla.suse.com/952188 SUSE Bug 952188 https://bugzilla.suse.com/969771 SUSE Bug 969771 lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call. CVE-2015-2696 openSUSE Leap 42.1:krb5-1.12.1-21.1 openSUSE Leap 42.1:krb5-32bit-1.12.1-21.1 openSUSE Leap 42.1:krb5-client-1.12.1-21.1 openSUSE Leap 42.1:krb5-devel-1.12.1-21.1 openSUSE Leap 42.1:krb5-devel-32bit-1.12.1-21.1 openSUSE Leap 42.1:krb5-doc-1.12.1-21.1 openSUSE Leap 42.1:krb5-mini-1.12.1-21.1 openSUSE Leap 42.1:krb5-mini-devel-1.12.1-21.1 openSUSE Leap 42.1:krb5-plugin-kdb-ldap-1.12.1-21.1 openSUSE Leap 42.1:krb5-plugin-preauth-otp-1.12.1-21.1 openSUSE Leap 42.1:krb5-plugin-preauth-pkinit-1.12.1-21.1 openSUSE Leap 42.1:krb5-server-1.12.1-21.1 important 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html https://www.suse.com/security/cve/CVE-2015-2696.html CVE-2015-2696 https://bugzilla.suse.com/770172 SUSE Bug 770172 https://bugzilla.suse.com/952189 SUSE Bug 952189 https://bugzilla.suse.com/954204 SUSE Bug 954204 The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request. CVE-2015-2697 openSUSE Leap 42.1:krb5-1.12.1-21.1 openSUSE Leap 42.1:krb5-32bit-1.12.1-21.1 openSUSE Leap 42.1:krb5-client-1.12.1-21.1 openSUSE Leap 42.1:krb5-devel-1.12.1-21.1 openSUSE Leap 42.1:krb5-devel-32bit-1.12.1-21.1 openSUSE Leap 42.1:krb5-doc-1.12.1-21.1 openSUSE Leap 42.1:krb5-mini-1.12.1-21.1 openSUSE Leap 42.1:krb5-mini-devel-1.12.1-21.1 openSUSE Leap 42.1:krb5-plugin-kdb-ldap-1.12.1-21.1 openSUSE Leap 42.1:krb5-plugin-preauth-otp-1.12.1-21.1 openSUSE Leap 42.1:krb5-plugin-preauth-pkinit-1.12.1-21.1 openSUSE Leap 42.1:krb5-server-1.12.1-21.1 moderate 6.8 AV:N/AC:L/Au:S/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html https://www.suse.com/security/cve/CVE-2015-2697.html CVE-2015-2697 https://bugzilla.suse.com/770172 SUSE Bug 770172 https://bugzilla.suse.com/952190 SUSE Bug 952190