ALSA-2023:6699

[ALSA-2023:6699] Moderate: krb5 security and bug fix update

Type:

security

Severity:

moderate

Release date:

2023-11-14

Description:

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):

* krb5: Denial of service through freeing uninitialized pointer (CVE-2023-36054)
* krb5: double-free in KDC TGS processing (CVE-2023-39975)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	krb5-server-1.21.1-1.el9.aarch64.rpm	0eca3ce7b2ec2e5c6b78e1e0d0518578aa67dbdc7d38fa4813e76e47aa6652a1
aarch64	krb5-workstation-1.21.1-1.el9.aarch64.rpm	1bdb48996f8bc6e8889f360c067d72b827a8e4f427de6b8c6e721b493de48902
aarch64	libkadm5-1.21.1-1.el9.aarch64.rpm	3d997f6f968ae2e590c674a83a3cffa203e8244c855342c43b701024a40edf5b
aarch64	krb5-server-ldap-1.21.1-1.el9.aarch64.rpm	6c77ebc034a5996571b23ecbe298ca68755d3e827e2d2e8a5827e7e6932a117d
aarch64	krb5-libs-1.21.1-1.el9.aarch64.rpm	86a04377f8c3988a2eb2d269a85031b5d7c8978ef9702c860581d0aad32089c1
aarch64	krb5-devel-1.21.1-1.el9.aarch64.rpm	c9a007af9d16a3b6d387c74a2e0fea7f656afe6a89ea5b2e5e209d3f074c2aac
aarch64	krb5-pkinit-1.21.1-1.el9.aarch64.rpm	f446c62965587ceca1d774478078a402ebb41efb7d23022456eeae1786133463
i686	krb5-libs-1.21.1-1.el9.i686.rpm	3812203930cd6ddb7edb21be0f36be6354692f3af6b7bc3e0d3285d6d820dc14
i686	libkadm5-1.21.1-1.el9.i686.rpm	5602b7f4abd3060ab4eaaf6c57482c82e04aea2656ad667fc4f414f3dd3d174d
i686	krb5-pkinit-1.21.1-1.el9.i686.rpm	620ab9edac7a7f016a981ee88cb5b497d720b10535c1d1426f28be730381fe03
i686	krb5-server-ldap-1.21.1-1.el9.i686.rpm	647647017c5dd40ead7619da05536ba8cdce43f9a4fde1e158b11a45217d9b23
i686	krb5-devel-1.21.1-1.el9.i686.rpm	67912f8c565edafa7309c6426f571182e55b4ab75bffee6b4e74fcf99a4ab7a8
i686	krb5-server-1.21.1-1.el9.i686.rpm	923be019d24045a6f84fdef126a085a0bc7aef4970708dc236407677d48cd9e7
ppc64le	krb5-devel-1.21.1-1.el9.ppc64le.rpm	4da3dada32cecad788b97a665e8ade56fb865895599432b8ee889eb3dfd8a4a0
ppc64le	krb5-server-ldap-1.21.1-1.el9.ppc64le.rpm	528bc361d0a79b28dabf63b49b5e1240ded67c00ad2c28e903c6d1014afbfab0
ppc64le	krb5-server-1.21.1-1.el9.ppc64le.rpm	53f43ad89dd67969fabd92d620937832a18797147b1d6154eb58596ee2c410ae
ppc64le	libkadm5-1.21.1-1.el9.ppc64le.rpm	6402825e418ca40c9266efb31de01cc77de141cc2c15815e0e45f970c889cb14
ppc64le	krb5-pkinit-1.21.1-1.el9.ppc64le.rpm	6b98038e0ef9283d04bee4c3f7eae7d912f9674fb779cddce7251a1f4e3b88ea
ppc64le	krb5-workstation-1.21.1-1.el9.ppc64le.rpm	6f65131a2704fa7ed2dd7bdbf8ec8ba332ca07ec50dcadf015462afbf2c1b6d4
ppc64le	krb5-libs-1.21.1-1.el9.ppc64le.rpm	944ef7415382ae4c27ec27444d4f8bb54da04f64fe25aaa5ebeeaea174715cc2
s390x	krb5-workstation-1.21.1-1.el9.s390x.rpm	0040a3446a705b2ad742822c768fae6c12bbfd091b42908ec8872055b4402909
s390x	krb5-server-ldap-1.21.1-1.el9.s390x.rpm	2b1f90d7be016c6b9397bd2754b041af2d83a28e64f7208052a8f83c1dacbb49
s390x	krb5-pkinit-1.21.1-1.el9.s390x.rpm	3874c6893a4399868cbf04b0ae9ca42bfbb2f0d9f78dc7e3f5df491200bbc014
s390x	libkadm5-1.21.1-1.el9.s390x.rpm	3b7bcc9606751926589b0a85c49fd19f303ef494c61717c2f58be0e4568b0ae8
s390x	krb5-server-1.21.1-1.el9.s390x.rpm	57ca2485217cba477276cc1c545471cbcb695bb4ca39124d515ce8283d88ea79
s390x	krb5-libs-1.21.1-1.el9.s390x.rpm	a7f1c4ae7c023780bb12163d93f580f5eef371f79acb491766cbf8a49f5e3bda
s390x	krb5-devel-1.21.1-1.el9.s390x.rpm	ee035006c89d7fadb0a99aa3f6c85ea34ea77e19de468c0badfc4b8b51c63a01
x86_64	krb5-devel-1.21.1-1.el9.x86_64.rpm	10c8d439451533b9df0120153acfe86127aa025ec6908a657b477c65f88ac155
x86_64	libkadm5-1.21.1-1.el9.x86_64.rpm	6725b2f50727ca8f859bf7f50f85ed54eebf45f17dda7c58a47452c231c770ac
x86_64	krb5-server-1.21.1-1.el9.x86_64.rpm	7dcd81ef7f5269a54c6f9915387e212e27e7875ddbf3dce3faf8382b227c7f01
x86_64	krb5-libs-1.21.1-1.el9.x86_64.rpm	a1555ecee5147dacf2aa5abf6004f57eb9ec2d2d3c5a26426550722e508ced88
x86_64	krb5-workstation-1.21.1-1.el9.x86_64.rpm	a35c9c879fd217fc62df60afa0445387f56a72fb75eeaf0596f6a27094ccc5f4
x86_64	krb5-server-ldap-1.21.1-1.el9.x86_64.rpm	ab9956684fede193da5777f25680f06fa873c14b0795bd55d5cd75d0ad5c2f76
x86_64	krb5-pkinit-1.21.1-1.el9.x86_64.rpm	c8d0d818298c0b02677cedeb565ddd51794f870094cd6add539cd3f25c992cae

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.