SUSE-SU-2018:0846-1
- Source
- https://www.suse.com/support/update/announcement/2018/suse-su-20180846-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:0846-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2018:0846-1
- Related
- Published
- 2018-03-29T12:02:46Z
- Modified
- 2018-03-29T12:02:46Z
- Summary
- Security update for krb5
- Details
-
This update for krb5 provides the following fixes:
Security issues fixed:
- CVE-2018-5730: DN container check bypass by supplying special crafted data (bsc#1083927).
- CVE-2018-5729: Null pointer dereference in kadmind or DN container check bypass by supplying special crafted data (bsc#1083926).
Non-security issues fixed:
- Make it possible for legacy applications (e.g. SAP Netweaver) to remain compatible with newer Kerberos. System administrators who are experiencing this kind of compatibility issues may set the environment variable GSSAPIASSUMEMECH_MATCH to a non-empty value, and make sure the environment variable is visible and effective to the application startup script. (bsc#1057662)
- Fix a GSS failure in legacy applications by not indicating deprecated GSS mechanisms in gssindicatemech() list. (bsc#1081725)
- References
-
- https://www.suse.com/support/update/announcement/2018/suse-su-20180846-1/
- https://bugzilla.suse.com/1057662
- https://bugzilla.suse.com/1081725
- https://bugzilla.suse.com/1083926
- https://bugzilla.suse.com/1083927
- https://www.suse.com/security/cve/CVE-2018-5729
- https://www.suse.com/security/cve/CVE-2018-5730
Affected packages
SUSE:Linux Enterprise Desktop 12 SP2 / krb5
Package
- Name
- krb5
- Purl
- purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2
SUSE:Linux Enterprise Desktop 12 SP3 / krb5
Package
- Name
- krb5
- Purl
- purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3
SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2 / krb5
Package
- Name
- krb5
- Purl
- purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2
SUSE:Linux Enterprise Software Development Kit 12 SP2 / krb5
Package
- Name
- krb5
- Purl
- purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2
SUSE:Linux Enterprise Software Development Kit 12 SP3 / krb5
Package
- Name
- krb5
- Purl
- purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
SUSE:Linux Enterprise Server 12 SP2 / krb5
Package
- Name
- krb5
- Purl
- purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.12.5-40.23.2
Ecosystem specific
{
"binaries": [
{
"krb5-doc": "1.12.5-40.23.2",
"krb5-plugin-preauth-otp": "1.12.5-40.23.2",
"krb5-plugin-preauth-pkinit": "1.12.5-40.23.2",
"krb5-client": "1.12.5-40.23.2",
"krb5": "1.12.5-40.23.2",
"krb5-32bit": "1.12.5-40.23.2",
"krb5-plugin-kdb-ldap": "1.12.5-40.23.2",
"krb5-server": "1.12.5-40.23.2"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / krb5
Package
- Name
- krb5
- Purl
- purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.12.5-40.23.2
Ecosystem specific
{
"binaries": [
{
"krb5-doc": "1.12.5-40.23.2",
"krb5-plugin-preauth-otp": "1.12.5-40.23.2",
"krb5-plugin-preauth-pkinit": "1.12.5-40.23.2",
"krb5-client": "1.12.5-40.23.2",
"krb5": "1.12.5-40.23.2",
"krb5-32bit": "1.12.5-40.23.2",
"krb5-plugin-kdb-ldap": "1.12.5-40.23.2",
"krb5-server": "1.12.5-40.23.2"
}
]
}
SUSE:Linux Enterprise Server 12 SP3 / krb5
Package
- Name
- krb5
- Purl
- purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.12.5-40.23.2
Ecosystem specific
{
"binaries": [
{
"krb5-doc": "1.12.5-40.23.2",
"krb5-plugin-preauth-otp": "1.12.5-40.23.2",
"krb5-plugin-preauth-pkinit": "1.12.5-40.23.2",
"krb5-client": "1.12.5-40.23.2",
"krb5": "1.12.5-40.23.2",
"krb5-32bit": "1.12.5-40.23.2",
"krb5-plugin-kdb-ldap": "1.12.5-40.23.2",
"krb5-server": "1.12.5-40.23.2"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 SP3 / krb5
Package
- Name
- krb5
- Purl
- purl:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.12.5-40.23.2
Ecosystem specific
{
"binaries": [
{
"krb5-doc": "1.12.5-40.23.2",
"krb5-plugin-preauth-otp": "1.12.5-40.23.2",
"krb5-plugin-preauth-pkinit": "1.12.5-40.23.2",
"krb5-client": "1.12.5-40.23.2",
"krb5": "1.12.5-40.23.2",
"krb5-32bit": "1.12.5-40.23.2",
"krb5-plugin-kdb-ldap": "1.12.5-40.23.2",
"krb5-server": "1.12.5-40.23.2"
}
]
}