Bug 9226

Summary: krb5 new security issue CVE-2013-1415
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: davidwhodgins, dmorganec, sysadmin-bugs
Version: 2Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard: MGA2-64-OK MGA2-32-OK
Source RPM: krb5-1.9.2-2.3.mga2.src.rpm CVE:
Status comment:

Description David Walser 2013-03-01 16:39:35 CET 
Upstream has released krb5 1.11.1, which fixes a security issue:
http://web.mit.edu/kerberos/krb5-1.11/

Updated package uploaded for Cauldron.

Patched package uploaded for Mageia 2.

Patch checked into Mageia 1 SVN.

Advisory:
========================

Updated krb5 packages fix security vulnerability:

It was reported that the KDC plugin for PKINIT could dereference a NULL
pointer when a malformed packet caused processing to terminate early, which
led to a crash of the KDC process.  An attacker would require a valid PKINIT
certificate or have observed a successful PKINIT authentication to execute a
successful attack.  In addition, an unauthenticated attacker could execute
the attack of anonymouse PKINIT was enabled (CVE-2013-1415).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1415
http://web.mit.edu/kerberos/krb5-1.11/
https://bugzilla.redhat.com/show_bug.cgi?id=914749
========================

Updated packages in core/updates_testing:
========================
krb5-1.9.2-2.4.mga2
libkrb53-devel-1.9.2-2.4.mga2
libkrb53-1.9.2-2.4.mga2
krb5-server-1.9.2-2.4.mga2
krb5-server-ldap-1.9.2-2.4.mga2
krb5-workstation-1.9.2-2.4.mga2
krb5-pkinit-openssl-1.9.2-2.4.mga2

from krb5-1.9.2-2.4.mga2.src.rpm

Reproducible: 

Steps to Reproduce:
Comment 1 Dave Hodgins 2013-03-03 21:13:37 CET 
Testing complete on Mageia 2 i586 and x86_64 using the procedure at
https://wiki.mageia.org/en/QA_procedure:Krb5

Could someone from the sysadmin team push the srpm
krb5-1.9.2-2.4.mga2.src.rpm
from Mageia 2 Core Updates Testing to Core Updates.

Advisory: Updated krb5 packages fix security vulnerability:

It was reported that the KDC plugin for PKINIT could dereference a NULL
pointer when a malformed packet caused processing to terminate early, which
led to a crash of the KDC process.  An attacker would require a valid PKINIT
certificate or have observed a successful PKINIT authentication to execute a
successful attack.  In addition, an unauthenticated attacker could execute
the attack of anonymouse PKINIT was enabled (CVE-2013-1415).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1415
http://web.mit.edu/kerberos/krb5-1.11/
https://bugzilla.redhat.com/show_bug.cgi?id=914749

https://bugs.mageia.org/show_bug.cgi?id=9226

Keywords: (none) => validated_update
CC: (none) => davidwhodgins, sysadmin-bugs
Whiteboard: (none) => MGA2-64-OK MGA2-32-OK

Comment 2 D Morgan 2013-03-09 01:52:29 CET 
Update pushed: 
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0087

Status: NEW => RESOLVED
CC: (none) => dmorganec
Resolution: (none) => FIXED