Summary: | <app-crypt/mit-krb5-{1.8.4-r1,1.9.1-r2} kdc remote unauthenticated DoS (CVE-2011-{1527,1528,1529,4151}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Paul B. Henson <henson> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | glsamaker, kerberos |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-006.txt | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Paul B. Henson
2011-10-18 18:56:52 UTC
+*mit-krb5-1.9.1-r2 (18 Oct 2011) +*mit-krb5-1.8.4-r1 (18 Oct 2011) + + 18 Oct 2011; Eray Aslan <eras@gentoo.org> +mit-krb5-1.8.4-r1.ebuild, + +mit-krb5-1.9.1-r2.ebuild, +files/2011-006-patch-r18.patch, + +files/CVE-2011-1527.1528.1529.patch: + security bump - bug #387585 + @security: We should stabilize both: =app-crypt/mit-krb5-1.9.1-r2 =app-crypt/mit-krb5-1.8.4-r1 Thank you. (In reply to comment #1) > > @security: We should stabilize both: > =app-crypt/mit-krb5-1.9.1-r2 > =app-crypt/mit-krb5-1.8.4-r1 > Thanks, Eray. Arches, please test and mark stable: =app-crypt/mit-krb5-1.8.4-r1 Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86" =app-crypt/mit-krb5-1.9.1-r2 Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86" Stable for HPPA. amd64 both ok amd64: Test failures, appears not a regression. See 386725 && 354459. Established history. with combo of use flags; both emerged fine. no other issues. Pass other than test phases + 20 Oct 2011; Tony Vroon <chainsaw@gentoo.org> mit-krb5-1.8.4-r1.ebuild, + mit-krb5-1.9.1-r2.ebuild: + Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo & Ian + "idella4" Delaney in security bug #387585. Just to keep it up to date, CVE-2011-4151 is part of both, problem and solution, pointed here. It is almost the same behaviour of CVE-2011-1528. Via: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4151 CVE-2011-1529 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1529): The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger certain process_as_req errors. CVE-2011-1528 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1528): The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related to the locked_check_p function. CVE-2011-1527 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1527): The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, related to the is_principal_in_realm, krb5_set_error_message, krb5_ldap_get_principal, and process_as_req functions. x86 stable alpha/arm/ia64/s390/sh/sparc stable ppc/ppc64 stable, last arch done Thanks, everyone. GLSA Vote: yes. *** Bug 388079 has been marked as a duplicate of this bug. *** GLSA vote: yes. Adding to existing request. This issue was resolved and addressed in GLSA 201201-13 at http://security.gentoo.org/glsa/glsa-201201-13.xml by GLSA coordinator Sean Amoss (ackle). |