Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name. CVE: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8631 Upstream Fix: https://github.com/krb5/krb5/commit/83ed75feba32e46f736fcce0d96a0445f29b96c2
CVE 8629: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8629 Upstream Fix: https://github.com/krb5/krb5/commit/83ed75feba32e46f736fcce0d96a0445f29b96c2
app-crypt/mit-krb5-1.14.1 is in the tree. Arches please test and mark stable =app-crypt/mit-krb5-1.14.1 Target Keywords = alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86
amd64 stable
Stable for PPC64.
Stable for HPPA.
arm stable
x86 stable
Stable on alpha.
ppc stable
sparc stable
ia64 stable. Maintainer(s), please cleanup. Security, please vote.
GLSA Vote: No