SUSE-SU-2018:0846-1

Source
https://www.suse.com/support/update/announcement/2018/suse-su-20180846-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0846-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2018:0846-1
Published
2018-03-29T12:02:46Z
Modified
2018-03-29T12:02:46Z
Summary
Security update for krb5
Details

This update for krb5 provides the following fixes:

Security issues fixed:

  • CVE-2018-5730: DN container check bypass by supplying specially crafted data (bsc#1083927).
  • CVE-2018-5729: Null pointer dereference in kadmind or DN container check bypass by supplying specially crafted data (bsc#1083926).

Non-security issues fixed:

  • Make it possible for legacy applications (e.g. SAP Netweaver) to remain compatible with newer Kerberos. System administrators who are experiencing this kind of compatibility issue may set the environment variable GSSAPI_ASSUME_MECH_MATCH to a non-empty value, and make sure the environment variable is visible and effective to the application startup script. (bsc#1057662)
  • Fix a GSS failure in legacy applications by not indicating deprecated GSS mechanisms in the gss_indicate_mech() list. (bsc#1081725)

Affected packages

SUSE:Linux Enterprise Desktop 12 SP2 / krb5

Package

Name
krb5
Purl
purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.12.5-40.23.2

Ecosystem specific

{
    "binaries": [
        {
            "krb5": "1.12.5-40.23.2",
            "krb5-32bit": "1.12.5-40.23.2",
            "krb5-client": "1.12.5-40.23.2"
        }
    ]
}

SUSE:Linux Enterprise Desktop 12 SP3 / krb5

Package

Name
krb5
Purl
purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.12.5-40.23.2

Ecosystem specific

{
    "binaries": [
        {
            "krb5": "1.12.5-40.23.2",
            "krb5-32bit": "1.12.5-40.23.2",
            "krb5-client": "1.12.5-40.23.2"
        }
    ]
}

SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2 / krb5

Package

Name
krb5
Purl
purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.12.5-40.23.2

Ecosystem specific

{
    "binaries": [
        {
            "krb5-doc": "1.12.5-40.23.2",
            "krb5-plugin-preauth-otp": "1.12.5-40.23.2",
            "krb5-plugin-preauth-pkinit": "1.12.5-40.23.2",
            "krb5-client": "1.12.5-40.23.2",
            "krb5": "1.12.5-40.23.2",
            "krb5-plugin-kdb-ldap": "1.12.5-40.23.2",
            "krb5-server": "1.12.5-40.23.2"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP2 / krb5

Package

Name
krb5
Purl
purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.12.5-40.23.2

Ecosystem specific

{
    "binaries": [
        {
            "krb5-devel": "1.12.5-40.23.2"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP3 / krb5

Package

Name
krb5
Purl
purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.12.5-40.23.2

Ecosystem specific

{
    "binaries": [
        {
            "krb5-devel": "1.12.5-40.23.2"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2 / krb5

Package

Name
krb5
Purl
purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.12.5-40.23.2

Ecosystem specific

{
    "binaries": [
        {
            "krb5-doc": "1.12.5-40.23.2",
            "krb5-plugin-preauth-otp": "1.12.5-40.23.2",
            "krb5-plugin-preauth-pkinit": "1.12.5-40.23.2",
            "krb5-client": "1.12.5-40.23.2",
            "krb5": "1.12.5-40.23.2",
            "krb5-32bit": "1.12.5-40.23.2",
            "krb5-plugin-kdb-ldap": "1.12.5-40.23.2",
            "krb5-server": "1.12.5-40.23.2"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / krb5

Package

Name
krb5
Purl
purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.12.5-40.23.2

Ecosystem specific

{
    "binaries": [
        {
            "krb5-doc": "1.12.5-40.23.2",
            "krb5-plugin-preauth-otp": "1.12.5-40.23.2",
            "krb5-plugin-preauth-pkinit": "1.12.5-40.23.2",
            "krb5-client": "1.12.5-40.23.2",
            "krb5": "1.12.5-40.23.2",
            "krb5-32bit": "1.12.5-40.23.2",
            "krb5-plugin-kdb-ldap": "1.12.5-40.23.2",
            "krb5-server": "1.12.5-40.23.2"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP3 / krb5

Package

Name
krb5
Purl
purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.12.5-40.23.2

Ecosystem specific

{
    "binaries": [
        {
            "krb5-doc": "1.12.5-40.23.2",
            "krb5-plugin-preauth-otp": "1.12.5-40.23.2",
            "krb5-plugin-preauth-pkinit": "1.12.5-40.23.2",
            "krb5-client": "1.12.5-40.23.2",
            "krb5": "1.12.5-40.23.2",
            "krb5-32bit": "1.12.5-40.23.2",
            "krb5-plugin-kdb-ldap": "1.12.5-40.23.2",
            "krb5-server": "1.12.5-40.23.2"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP3 / krb5

Package

Name
krb5
Purl
purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1.12.5-40.23.2

Ecosystem specific

{
    "binaries": [
        {
            "krb5-doc": "1.12.5-40.23.2",
            "krb5-plugin-preauth-otp": "1.12.5-40.23.2",
            "krb5-plugin-preauth-pkinit": "1.12.5-40.23.2",
            "krb5-client": "1.12.5-40.23.2",
            "krb5": "1.12.5-40.23.2",
            "krb5-32bit": "1.12.5-40.23.2",
            "krb5-plugin-kdb-ldap": "1.12.5-40.23.2",
            "krb5-server": "1.12.5-40.23.2"
        }
    ]
}