From ${URL} : It was reported that in all versions of MIT krb5, an authenticated attacker with permission to modify a principal entry can cause kadmind to dereference a null pointer by supplying an empty DB argument to the modify_principal command, if kadmind is configured to use the LDAP KDB module. Upstream patch: https://github.com/krb5/krb5/commit/08c642c09c38a9c6454ab43a9b53b2a89b9eef99 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Arches, please stabilize =app-crypt/mit-krb5-1.14.2 Target Keywords = alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86
Stable for HPPA PPC64.
amd64 stable
arm stable
Stable on alpha.
x86 stable
ppc stable
sparc stable
ia64 stable. Maintainer(s), please cleanup. Security, please vote.
cleanup done: commit 14af0646800b47b2942c2f18d5c9955d8d73717a Author: Eray Aslan <eras@gentoo.org> Date: Tue Jul 12 15:53:36 2016 +0300 app-crypt/mit-krb5: remove old Package-Manager: portage-2.3.0
CVE-2016-3119 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3119): The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request to modify a principal.
(In reply to Eray Aslan from comment #10) > cleanup done: > > commit 14af0646800b47b2942c2f18d5c9955d8d73717a > Author: Eray Aslan <eras@gentoo.org> > Date: Tue Jul 12 15:53:36 2016 +0300 > > app-crypt/mit-krb5: remove old > > Package-Manager: portage-2.3.0 @Eras, thanks for the work! GLSA Vote: No.
