enterprise-support team mailing list archive

[Steve Langasek <steve.langasek@xxxxxxxxxxxxx>]

This bug was fixed in the package krb5 - 1.13.2+dfsg-5
Sponsored for Sam Hartman (hartmans)

---------------
krb5 (1.13.2+dfsg-5) unstable; urgency=high

  *  Security Update
  * Verify decoded kadmin C strings [CVE-2015-8629]
    CVE-2015-8629: An authenticated attacker can cause kadmind to read
    beyond the end of allocated memory by sending a string without a
    terminating zero byte. Information leakage may be possible for an
    attacker with permission to modify the database. (Closes: #813296)
  * Check for null kadm5 policy name [CVE-2015-8630]
    CVE-2015-8630: An authenticated attacker with permission to modify a
    principal entry can cause kadmind to dereference a null pointer by
    supplying a null policy value but including KADM5_POLICY in the mask.
    (Closes: #813127)
  * Fix leaks in kadmin server stubs [CVE-2015-8631]
    CVE-2015-8631: An authenticated attacker can cause kadmind to leak
    memory by supplying a null principal name in a request which uses one.
    Repeating these requests will eventually cause kadmind to exhaust all
    available memory. (Closes: #813126)


 -- Sam Hartman <hartmans@xxxxxxxxxx>  Tue, 23 Feb 2016 08:54:09 -0500

** Changed in: krb5 (Ubuntu)
       Status: New => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-8629

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-8630

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-8631

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to krb5 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1550470

Title:
  Sync krb5 1.13.2+dfsg-5 (main) from Debian unstable (main)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1550470/+subscriptions