Per referenced URL, the KDC server in kerberos 1.8.x and 1.9.x is vulnerable to a an unauthenticated remote DoS that can crash the KDC. Patches are available to resolve this issue are available as listed in the announcement.
+*mit-krb5-1.9.1-r2 (18 Oct 2011) +*mit-krb5-1.8.4-r1 (18 Oct 2011) + + 18 Oct 2011; Eray Aslan <eras@gentoo.org> +mit-krb5-1.8.4-r1.ebuild, + +mit-krb5-1.9.1-r2.ebuild, +files/2011-006-patch-r18.patch, + +files/CVE-2011-1527.1528.1529.patch: + security bump - bug #387585 + @security: We should stabilize both: =app-crypt/mit-krb5-1.9.1-r2 =app-crypt/mit-krb5-1.8.4-r1 Thank you.
(In reply to comment #1) > > @security: We should stabilize both: > =app-crypt/mit-krb5-1.9.1-r2 > =app-crypt/mit-krb5-1.8.4-r1 > Thanks, Eray. Arches, please test and mark stable: =app-crypt/mit-krb5-1.8.4-r1 Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86" =app-crypt/mit-krb5-1.9.1-r2 Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Stable for HPPA.
amd64 both ok
amd64: Test failures, appears not a regression. See 386725 && 354459. Established history. with combo of use flags; both emerged fine. no other issues. Pass other than test phases
+ 20 Oct 2011; Tony Vroon <chainsaw@gentoo.org> mit-krb5-1.8.4-r1.ebuild, + mit-krb5-1.9.1-r2.ebuild: + Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo & Ian + "idella4" Delaney in security bug #387585.
Just to keep it up to date, CVE-2011-4151 is part of both, problem and solution, pointed here. It is almost the same behaviour of CVE-2011-1528. Via: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4151
CVE-2011-1529 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1529): The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger certain process_as_req errors. CVE-2011-1528 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1528): The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related to the locked_check_p function. CVE-2011-1527 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1527): The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, related to the is_principal_in_realm, krb5_set_error_message, krb5_ldap_get_principal, and process_as_req functions.
x86 stable
alpha/arm/ia64/s390/sh/sparc stable
ppc/ppc64 stable, last arch done
Thanks, everyone. GLSA Vote: yes.
*** Bug 388079 has been marked as a duplicate of this bug. ***
GLSA vote: yes. Adding to existing request.
This issue was resolved and addressed in GLSA 201201-13 at http://security.gentoo.org/glsa/glsa-201201-13.xml by GLSA coordinator Sean Amoss (ackle).
