Bug 9778

Summary: krb5 new security issue CVE-2013-1416
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal CC: davidwhodgins, sysadmin-bugs, tmb
Version: 2Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/547513/
Whiteboard: MGA2-64-OK MGA2-32-OK
Source RPM: krb5-1.9.2-2.4.mga2.src.rpm CVE:
Status comment:

Description David Walser 2013-04-17 20:35:34 CEST 
RedHat has issued an advisory on April 16:
https://rhn.redhat.com/errata/RHSA-2013-0748.html

Cauldron is not affected (bug eliminated through code refactoring in 1.11).

Patched package uploaded for Mageia 2.

Patch checked into Mageia 1 SVN.

Advisory:
========================

Updated krb5 packages fix security vulnerability:

A NULL pointer dereference flaw was found in the way the MIT Kerberos KDC
processed certain TGS (Ticket-granting Server) requests. A remote,
authenticated attacker could use this flaw to crash the KDC via a
specially-crafted TGS request (CVE-2013-1416).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1416
https://rhn.redhat.com/errata/RHSA-2013-0748.html
========================

Updated packages in core/updates_testing:
========================
krb5-1.9.2-2.5.mga2
libkrb53-devel-1.9.2-2.5.mga2
libkrb53-1.9.2-2.5.mga2
krb5-server-1.9.2-2.5.mga2
krb5-server-ldap-1.9.2-2.5.mga2
krb5-workstation-1.9.2-2.5.mga2
krb5-pkinit-openssl-1.9.2-2.5.mga2

from krb5-1.9.2-2.5.mga2.src.rpm

Reproducible: 

Steps to Reproduce:
Comment 1 Dave Hodgins 2013-04-25 03:53:42 CEST 
Testing complete on Mageia 2 i586 using the procedure from
https://wiki.mageia.org/en/QA_procedure:Krb5

I'll test x86_64 shortly.

CC: (none) => davidwhodgins

Comment 2 Dave Hodgins 2013-04-25 04:07:59 CEST 
Testing complete on Mageia 2 x86_64.

Could someone from the sysadmin team push the srpm
krb5-1.9.2-2.5.mga2.src.rpm
from Mageia 2 Core Updates Testing to Core Updates.

Advisory: Updated krb5 packages fix security vulnerability:

A NULL pointer dereference flaw was found in the way the MIT Kerberos KDC
processed certain TGS (Ticket-granting Server) requests. A remote,
authenticated attacker could use this flaw to crash the KDC via a
specially-crafted TGS request (CVE-2013-1416).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1416
https://rhn.redhat.com/errata/RHSA-2013-0748.html

https://bugs.mageia.org/show_bug.cgi?id=9778

Keywords: (none) => validated_update
Whiteboard: (none) => MGA2-64-OK MGA2-32-OK
CC: (none) => sysadmin-bugs

Comment 3 Thomas Backlund 2013-05-02 19:25:44 CEST 
Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0131

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED