CVE-2017-15088 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15088): plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat.
@Maintainers could you confirm if we are affected? Thank you
app-crypt/mit-krb5-1.15.2 is vulnerable. Arches, please test and mark stable =app-crypt/mit-krb5-1.15.2-r1
Target Keywords = alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86
amd64 stable
x86 stable
hppa stable
ppc/ppc64 stable
arm stable
ia64 stable
Stable on alpha.
GLSA request filed. @maintainer(s), please clean the vulnerable version from the tree (note that sparc is now an exp profile and has a previous stable keyword).
After further discussion with other team members, this vulnerability is not relevant to Gentoo. It only impacts Red Hat's MIT KRB5 implementation due to additional code/changes. Upstream is not impacted and as such Gentoo is not.