UbuntuUpdates.org

Package "libroken18-heimdal"

Name: libroken18-heimdal

Description:

Heimdal Kerberos - roken support library

Latest version: 7.7.0+dfsg-1ubuntu1.4
Release: focal (20.04)
Level: security
Repository: main
Head package: heimdal
Homepage: http://www.h5l.org/

Links


Download "libroken18-heimdal"


Other versions of "libroken18-heimdal" in Focal

Repository Area Version
base main 7.7.0+dfsg-1ubuntu1
updates main 7.7.0+dfsg-1ubuntu1.4

Changelog

Version: 7.7.0+dfsg-1ubuntu1.4 2023-02-08 14:07:10 UTC

  heimdal (7.7.0+dfsg-1ubuntu1.4) focal-security; urgency=medium

  * SECURITY UPDATE: signature validation failure
    - debian/patches/CVE-2022-45142.patch: fix logic inversion issue caused
      by the fix for CVE-2022-3437 when using memcmp in
      _gssapi_verify_mic_arcfour() and _gssapi_unwrap_arcfour() in
      lib/gssapi/krb5/arcfour.c.
    - CVE-2022-45142

 -- Rodrigo Figueiredo Zaiden <email address hidden> Mon, 06 Feb 2023 15:32:21 -0300

Source diff to previous version
CVE-2022-45142 gsskrb5: fix accidental logic inversions
CVE-2022-3437 Buffer overflow in Heimdal unwrap_des3()

Version: 7.7.0+dfsg-1ubuntu1.3 2023-01-12 17:07:31 UTC

  heimdal (7.7.0+dfsg-1ubuntu1.3) focal-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2021-44758.patch: add a call to send_reject() when
      preferred_mech_type is GSS_C_NO_OID in
      lib/gssapi/spnego/accept_sec_context.c.
    - debian/patches/CVE-2021-44758-post.patch: remove grep command in test
      file tests/gss/check-context.in to prevent FTBFS.
    - CVE-2021-44758
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2022-3437-1.patch: change calls to memcmp with
      ct_memcmp in lib/gssapi/krb5/arcfour.c.
    - debian/patches/CVE-2022-3437-2.patch: change calls to memcmp with
      ct_memcmp in lib/gssapi/krb5/unwrap.c
    - debian/patches/CVE-2022-3437-3.patch: add NULL pointer checks before
      memcpy in lib/gssapi/krb5/unwrap.c.
    - debian/patches/CVE-2022-3437-4.patch: change logic on pad buffer
      hanlding in _gssapi_verify_pad() in lib/gssapi/krb5/decapsulate.c.
    - debian/patches/CVE-2022-3437-5.patch: add buffer boundary checks in
      _gssapi_verify_mech_header() in lib/gssapi/krb5/decapsulate.c
    - debian/patches/CVE-2022-3437-6.patch: add buffer length checks in
      lib/gssapi/krb5/unwrap.c.
    - debian/patches/CVE-2022-3437-7.patch: add buffer length checks in
      _gsskrb5_get_mech() in lib/gssapi/krb5/decapsulate.c.
    - debian/patches/CVE-2022-3437-8.patch: change buffer length parameter
      when calling _gssapi_verify_pad() in lib/gssapi/krb5/unwrap.c.
    - CVE-2022-3437
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2022-42898-1.patch: change logic on PAC buffer
      parsing in lib/krb5/pac.c.
    - debian/patches/CVE-2022-42898-2.patch: change variable type from
      unsigned long to uint64_t in lib/krb5/store-int.c.
    - CVE-2022-42898
  * SECURITY UPDATE: invalid free
    - debian/patches/CVE-2022-44640.patch: relocates a call to fprintf and
      parameters when calling it in decode_type() in lib/asn1/gen_decode.c
      and add a call to fprintf in free_type() in lib/asn1/gen_free.c.
    - CVE-2022-44640

 -- Rodrigo Figueiredo Zaiden <email address hidden> Wed, 11 Jan 2023 19:34:10 -0300

Source diff to previous version
CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzer
CVE-2022-3437 Buffer overflow in Heimdal unwrap_des3()
CVE-2022-42898 PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC,
CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Cen

Version: 7.7.0+dfsg-1ubuntu1.2 2022-12-07 23:06:28 UTC

  heimdal (7.7.0+dfsg-1ubuntu1.2) focal-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds memory access
    - debian/patches/CVE-2022-41916.patch: move variable assignment and
      increment to be done later in time to prevent unintended read in
      find_composition() in lib/wind/normalize.c.
    - CVE-2022-41916

 -- Rodrigo Figueiredo Zaiden <email address hidden> Wed, 07 Dec 2022 15:14:12 -0300

Source diff to previous version
CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal

Version: 7.7.0+dfsg-1ubuntu1.1 2022-10-13 17:06:32 UTC

  heimdal (7.7.0+dfsg-1ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference when handling missing sname in
    TGS-REQ
    - debian/patches/CVE-2021-3671.patch: validate sname in TGS-REQ (kdc).
    - CVE-2021-3671
  * SECURITY UPDATE: NULL pointer dereference in SPNEGO
    - debian/patches/CVE-2022-3116.patch: fix NULL pointer dereference
      (spnego).
    - CVE-2022-3116

 -- Camila Camargo de Matos <email address hidden> Tue, 11 Oct 2022 14:48:22 -0300

CVE-2021-3671 A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authen
CVE-2022-3116 RESERVED



About   -   Send Feedback to @ubuntu_updates