Summary: | <app-crypt/mit-krb5-1.12.2: buffer overrun in kadmind with LDAP backend (MITKRB5-SA-2014-001) (CVE-2014-4345) | | |
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | | |
Severity: | normal | CC: | kerberos |
Priority: | Normal | | |
Version: | unspecified | | |
Hardware: | All | | |
OS: | Linux | | |
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1128157 | | |
Whiteboard: | B2 [glsa] | | |
Package list: | | Runtime testing required: | --- |
Description

Agostino Sarubbo
2014-08-09 17:15:04 UTC

```
+*mit-krb5-1.12.2 (13 Aug 2014)
+
+  13 Aug 2014; Eray Aslan <eras@gentoo.org> +mit-krb5-1.12.2.ebuild:
+  Security bump - bug #519518
```

Arches, please test and mark stable =app-crypt/mit-krb5-1.12.2. Thank you.

Target keywords: "alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86"

Stable for HPPA.

CVE-2014-4345 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4345): Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authenticated users to cause a denial of service (buffer overflow) or possibly execute arbitrary code via a series of "cpw -keepold" commands.

Arches, please test and mark stable: =app-crypt/mit-krb5-1.12.2
Target Keywords: "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"
Thank you!

amd64 stable

x86 stable

ia64 stable

ppc64 stable

ppc stable

alpha stable

arm stable

sparc stable.

Maintainer(s), please cleanup.

Security, please add it to the existing request, or file a new one.

This issue was resolved and addressed in GLSA 201412-53 at http://security.gentoo.org/glsa/glsa-201412-53.xml by GLSA coordinator Mikle Kolyada (Zlogene).