UbuntuUpdates.org

Package "libkdb5-7"

Name: libkdb5-7

Description:

MIT Kerberos runtime libraries - Kerberos database

Latest version: 1.12+dfsg-2ubuntu5.4
Release: trusty (14.04)
Level: updates
Repository: main
Head package: krb5
Homepage: http://web.mit.edu/kerberos/

Other versions of "libkdb5-7" in Trusty

Repository  Area  Version
base        main  1.12+dfsg-2ubuntu4
security    main  1.12+dfsg-2ubuntu5.4

Changelog

Version: 1.12+dfsg-2ubuntu5.4 2019-01-10 21:06:29 UTC

  krb5 (1.12+dfsg-2ubuntu5.4) trusty-security; urgency=medium

  * SECURITY UPDATE: DoS (out-of-bounds read) via a crafted string
    - debian/patches/CVE-2015-8629.patch: Verify decode kadmin C strings
    - CVE-2015-8629
  * SECURITY UPDATE: DoS (NULL pointer dereference) by specifying KADM5_POLICY
    with a NULL policy name
    - debian/patches/CVE-2015-8630.patch: Check for null kadm5 policy name
    - CVE-2015-8630
  * SECURITY UPDATE: DoS (memory consumption) via a request specifying a NULL
    principal name
    - debian/patches/CVE-2015-8631.patch: Fix leaks in kadmin server stubs
    - CVE-2015-8631
  * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to
    modify a principal
    - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on
      empty arg
    - CVE-2016-3119
  * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request
    - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon
      is restricted
    - CVE-2016-3120
  * SECURITY UPDATE: KDC assertion failure
    - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status
      assertion failures
    - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment
    - CVE-2017-11368
  * SECURITY UPDATE: Double free vulnerability
    - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept
      failure
    - CVE-2017-11462
  * SECURITY UPDATE: Authenticated kadmin with permission to add principals
    to an LDAP Kerberos can DoS or bypass DN container check.
    - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN
      checking
    - CVE-2018-5729
    - CVE-2018-5730

 -- Eduardo Barretto <email address hidden> Wed, 09 Jan 2019 14:01:22 -0200

CVE-2015-8629 The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verif
CVE-2015-8630 The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.
CVE-2015-8631 Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote aut
CVE-2016-3119 The process_db_args function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) through
CVE-2016-3120 The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.
CVE-2017-11368 In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requ
CVE-2017-11462 Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of securi
CVE-2018-5729 MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NUL
CVE-2018-5730 MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership

Version: 1.12+dfsg-2ubuntu5.3 2017-01-23 17:06:45 UTC

  krb5 (1.12+dfsg-2ubuntu5.3) trusty; urgency=medium

  * d/p/upstream/0001-Add-SPNEGO-special-case-for-NTLMSSP-MechListMIC.patch:
    Cherry-pick from upstream to add SPNEGO special case for
    NTLMSSP+MechListMIC. LP: #1643708.

 -- Steve Langasek <email address hidden> Mon, 21 Nov 2016 18:14:47 -0800

1643708 Add SPNEGO special case for NTLMSSP+MechListMIC

Version: 1.12+dfsg-2ubuntu5.2 2015-11-12 20:06:29 UTC

  krb5 (1.12+dfsg-2ubuntu5.2) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via incorrect null bytes
    - d/p/0030-Fix-krb5_read_message-handling-CVE-2014-5355.patch:
      properly handle null bytes in src/appl/user_user/server.c,
      src/lib/krb5/krb/recvauth.c.
    - CVE-2015-5355
  * SECURITY UPDATE: preauthentication requirement bypass in kdcpreauth
    - d/p/0031-Prevent-requires_preauth-bypass-CVE-2015-2694.patch:
      improve logic in src/plugins/preauth/otp/main.c,
      src/plugins/preauth/pkinit/pkinit_srv.c.
    - CVE-2015-2694
  * SECURITY UPDATE: SPNEGO context aliasing bugs
    - d/p/0031-Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch:
      improve logic in src/lib/gssapi/spnego/gssapiP_spnego.h,
      src/lib/gssapi/spnego/spnego_mech.c.
    - d/p/0036-Fix-SPNEGO-context-import.patch: fix SPNEGO context import
      in src/lib/gssapi/spnego/spnego_mech.c.
    - CVE-2015-2695
  * SECURITY UPDATE: IAKERB context aliasing bugs
    - d/p/0032-Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch:
      improve logic in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - d/p/0034-Fix-two-IAKERB-comments.patch: fix comments in
      src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2696
  * SECURITY UPDATE: KDC crash via invalid string processing
    - d/p/0033-Fix-build_principal-memory-bug-CVE-2015-2697.patch:
      use k5memdup0() instead of strdup() in src/lib/krb5/krb/bld_princ.c.
    - CVE-2015-2697
  * SECURITY UPDATE: memory corruption in IAKERB context export/import
    - d/p/0035-Fix-IAKERB-context-export-import-CVE-2015-2698.patch:
      dereferencing the context_handle pointer before casting it in
      and implement an IAKERB gss_import_sec_context() function
      in src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c, src/lib/gssapi/krb5/iakerb.c.
    - CVE-2015-2698

 -- Marc Deslauriers Wed, 11 Nov 2015 09:08:08 -0500

CVE-2014-5355 MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' charac
CVE-2015-5355 Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via t
CVE-2015-2694 The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validat
CVE-2015-2695 lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to
CVE-2015-2696 lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a
CVE-2015-2697 The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a den
CVE-2015-2698 memory corruption caused due to original patch for CVE-2015-2696

Version: 1.12+dfsg-2ubuntu5.1 2015-02-10 22:06:34 UTC

  krb5 (1.12+dfsg-2ubuntu5.1) trusty-security; urgency=medium

  * SECURITY UPDATE: ticket forging via old keys
    - debian/patches/CVE-2014-5321.patch: return only new keys in
      src/lib/kadm5/srv/svr_principal.c.
    - CVE-2014-5321
  * SECURITY UPDATE: use-after-free and double-free memory access
    violations
    - debian/patches/CVE-2014-5352.patch: properly handle context deletion
      in src/lib/gssapi/krb5/context_time.c,
      src/lib/gssapi/krb5/export_sec_context.c,
      src/lib/gssapi/krb5/gssapiP_krb5.h,
      src/lib/gssapi/krb5/gssapi_krb5.c,
      src/lib/gssapi/krb5/inq_context.c,
      src/lib/gssapi/krb5/k5seal.c,
      src/lib/gssapi/krb5/k5sealiov.c,
      src/lib/gssapi/krb5/k5unseal.c,
      src/lib/gssapi/krb5/k5unsealiov.c,
      src/lib/gssapi/krb5/lucid_context.c,
      src/lib/gssapi/krb5/prf.c,
      src/lib/gssapi/krb5/process_context_token.c,
      src/lib/gssapi/krb5/wrap_size_limit.c.
    - CVE-2014-5352
  * SECURITY UPDATE: denial of service via LDAP query with no results
    - debian/patches/CVE-2014-5353.patch: properly handle policy name in
      src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c.
    - CVE-2014-5353
  * SECURITY UPDATE: denial of service via database entry for a keyless
    principal
    - debian/patches/CVE-2014-5354.patch: support keyless principals in
      src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c.
    - CVE-2014-5354
  * SECURITY UPDATE: denial of service or code execution in kadmind XDR
    data processing
    - debian/patches/CVE-2014-9421.patch: fix double free in
      src/lib/kadm5/kadm_rpc_xdr.c, src/lib/rpc/auth_gssapi_misc.c.
    - CVE-2014-9421
  * SECURITY UPDATE: impersonation attack via two-component server
    principals
    - debian/patches/CVE-2014-9422.patch: fix kadmind server validation in
      src/kadmin/server/kadm_rpc_svc.c.
    - CVE-2014-9422
  * SECURITY UPDATE: gssrpc data leakage
    - debian/patches/CVE-2014-9423.patch: fix leakage in
      src/lib/gssapi/mechglue/mglueP.h, src/lib/rpc/svc_auth_gss.c.
    - CVE-2014-9423

 -- Marc Deslauriers <email address hidden> Fri, 06 Feb 2015 15:26:22 -0500

CVE-2014-5321 FileMaker Pro before 13 and Pro Advanced before 13 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to s
CVE-2014-5353 The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when
CVE-2014-5354 plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote au

Version: 1.12+dfsg-2ubuntu5 2015-02-09 15:06:47 UTC

  krb5 (1.12+dfsg-2ubuntu5) trusty; urgency=low

  * Use ADD_METHOD_NOLOOP rather than ADD_METHOD for new GSS-API entry
    points, avoids infinite recursive loop when a mechanism doesn't
    provide an entry point and does include calls back into the mechglue
    (LP: #1326500)
  * Make libkadm5srv-mit8 be arch: any multi-arch: same to work around
    upgrade bug (LP: #1334052)
  * Use tailq macros to work around GCC 4.8 optimizer bug and prevent
    infinite loop for database propagation (LP: #1347147)

 -- Sam Hartman <email address hidden> Wed, 30 Jul 2014 21:06:49 -0400

1326500 libgssapi-krb5-2: segfault when mechglue loops endlessly on call to gss_add_cred_from
1334052 package libkadm5srv-mit8 1.10.1+dfsg-6.1ubuntu1 failed to install/upgrade: libkadm5srv-mit8:all 1.12+dfsg-2ubuntu4 (Multi-Arch: no) kann nicht zusamm
1347147 krb5 database operations enter infinite loop
