Bug 19277

Summary: krb5 new security issue CVE-2016-3120
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: davidwhodgins, sysadmin-bugs
Version: 5Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/696074/
Whiteboard: has_procedure advisory MGA-32-OK
Source RPM: krb5-1.12.5-1.mga5.src.rpm CVE:
Status comment:

Description David Walser 2016-08-31 23:04:50 CEST 
Fedora has issued an advisory on August 1:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/AWL3KYFRJIX37EAM4DKCQQIQP2WBKL35/

I had fixed this in Cauldron a few weeks ago but didn't realize 1.12.x was affected.

Patched package building for Mageia 5 (build system currently having problems).

Advisory:
========================

Updated krb5 packages fix security vulnerability:

The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.14.3, when restrict_anonymous_to_tgt
is enabled, uses an incorrect client data structure, which allows remote
authenticated users to cause a denial of service (NULL pointer dereference and
daemon crash) via an S4U2Self request (CVE-2016-3120).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3120
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/AWL3KYFRJIX37EAM4DKCQQIQP2WBKL35/
========================

Updated packages in core/updates_testing:
========================
krb5-1.12.5-1.1.mga5
libkrb53-devel-1.12.5-1.1.mga5
libkrb53-1.12.5-1.1.mga5
krb5-server-1.12.5-1.1.mga5
krb5-server-ldap-1.12.5-1.1.mga5
krb5-workstation-1.12.5-1.1.mga5
krb5-pkinit-openssl-1.12.5-1.1.mga5

from krb5-1.12.5-1.1.mga5.src.rpm
Comment 1 David Walser 2016-08-31 23:05:03 CEST 
Testing procedure:
https://wiki.mageia.org/en/QA_procedure:Krb5

Whiteboard: (none) => has_procedure

Comment 2 David Walser 2016-08-31 23:15:30 CEST 
It finally built.  Assigning to QA.  Advisory and package list in Comment 0, testing procedure in Comment 1.

Assignee: bugsquad => qa-bugs

Comment 3 Dave Hodgins 2016-09-07 06:46:36 CEST 
Tested on Mageia 5 i586.

Whiteboard: has_procedure => has_procedure advisory MGA-32-OK
CC: (none) => davidwhodgins, sysadmin-bugs
Keywords: (none) => validated_update

Comment 4 Mageia Robot 2016-09-16 11:28:13 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0306.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED