| Summary: | <app-crypt/mit-krb5-1.9.4-r1 : KDC Two Memory Corruption Vulnerabilities (CVE-2012-{1014,1015}) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | kerberos |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | https://secunia.com/advisories/50041/ | | |
| Whiteboard: | B2 [glsa] | | |
| Package list: | | Runtime testing required: | --- |

Description
Agostino Sarubbo
2012-08-01 09:56:25 UTC
+*mit-krb5-1.10.2-r1 (01 Aug 2012) +*mit-krb5-1.9.4-r1 (01 Aug 2012) + + 01 Aug 2012; Eray Aslan <eras@gentoo.org> +mit-krb5-1.9.4-r1.ebuild, + +mit-krb5-1.10.2-r1.ebuild, +files/CVE-2012-1014.patch, + +files/CVE-2012-1015.patch: + Security bump - bug #429324 +

@security: We should stabilize both =app-crypt/mit-krb5-1.9.4-r1 and =app-crypt/mit-krb5-1.10.2-r1. But please note that =app-crypt/mit-krb5-1.10.2-r1 has additional keyword/stabilization requirements - see bug #412489.

(In reply to comment #1)
> @security: We should stabilize both =app-crypt/mit-krb5-1.9.4-r1 and
> =app-crypt/mit-krb5-1.10.2-r1. But please note that
> =app-crypt/mit-krb5-1.10.2-r1 has additional keyword/stabilization
> requirements - see bug #412489.

1.10 never had stable keyword, so no need to stabilize here and cause delay because of missing keywords. We stabilize only 1.9.

Arches, please test and mark stable:
=app-crypt/mit-krb5-appl-1.9.4-r1
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"

x86 stable

amd64 stable

(In reply to comment #2)
> Arches, please test and mark stable:
> =app-crypt/mit-krb5-appl-1.9.4-r1
> Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"

=app-crypt/mit-krb5-1.9.4-r1

Stable for HPPA.

CVE-2012-1015 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1015): The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, and daemon crash) via a crafted AS-REQ request.

CVE-2012-1014 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1014): The process_as_req function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x before 1.10.3 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a malformed AS-REQ request.

arm stable

alpha/ia64/s390/sh/sparc stable

ppc/ppc64 stable, last arch done

Thanks, everyone. New GLSA request filed.

This issue was resolved and addressed in GLSA 201312-12 at http://security.gentoo.org/glsa/glsa-201312-12.xml by GLSA coordinator Sergey Popov (pinkbyte).
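
A simplified C model of the ordering flaw in the CVE-2012-1015 description above: the checksum is attempted before the key type is checked, so a failed call leaves a stale pointer for the cleanup path to free. This is an added example, not MIT krb5 source or code from this bug; every type and function name is hypothetical, and the two functions return the pointer that cleanup would pass to free() instead of freeing it.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for illustration; these are not MIT krb5 types. */
enum keytype { KEY_CKSUM_CAPABLE, KEY_NOT_FOR_CKSUM };
struct cksum { size_t len; unsigned char *contents; };
static int key_can_checksum(enum keytype kt) { return kt == KEY_CKSUM_CAPABLE; }

/* Toy checksum: on an unsuitable key it fails WITHOUT writing *out, so
 * whatever out->contents held before the call is still there afterwards. */
static int make_cksum(enum keytype kt, struct cksum *out)
{
    if (!key_can_checksum(kt))
        return -1;                  /* early exit: *out untouched */
    out->contents = calloc(1, 1);   /* one zero byte stands in for a digest */
    if (out->contents == NULL)
        return -1;
    out->len = 1;
    return 0;
}

/* Flawed ordering: checksum attempted first, *ck never initialised.
 * Returns the pointer the cleanup path would hand to free(). */
static void *flawed_cleanup_target(enum keytype kt, struct cksum *ck)
{
    (void)make_cksum(kt, ck);
    return ck->contents;        /* stale value when make_cksum failed */
}

/* Hardened ordering: zero the result, check the key type, then compute. */
static void *hardened_cleanup_target(enum keytype kt, struct cksum *ck)
{
    *ck = (struct cksum){0};
    if (key_can_checksum(kt))
        (void)make_cksum(kt, ck);
    return ck->contents;        /* NULL on every failure path; free(NULL) is a no-op */
}

int main(void)
{
    unsigned char stale;        /* constructed: models leftover stack data */
    struct cksum ck = { 99, &stale };
    printf("flawed frees stale pointer: %d\n",
           flawed_cleanup_target(KEY_NOT_FOR_CKSUM, &ck) == (void *)&stale);
    ck.contents = &stale;
    printf("hardened frees NULL: %d\n",
           hardened_cleanup_target(KEY_NOT_FOR_CKSUM, &ck) == NULL);
    return 0;
}
```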