Patched package uploaded for Mageia 5 with upstream patches (via Fedora) that fix three security issues and a crash in Chrome. Advisory: ======================== Updated krb5 packages fix security vulnerabilities: In all versions of MIT krb5, an authenticated attacker can cause kadmind to read beyond the end of allocated memory by sending a string without a terminating zero byte. Information leakage may be possible for an attacker with permission to modify the database (CVE-2015-8629). In MIT krb5 1.12 and later, an authenticated attacker with permission to modify a principal entry can cause kadmind to dereference a null pointer by supplying a null policy value but including KADM5_POLICY in the mask (CVE-2015-8630). In all versions of MIT krb5, an authenticated attacker can cause kadmind to leak memory by supplying a null principal name in a request which uses one. Repeating these requests will eventually cause kadmind to exhaust all available memory (CVE-2015-8631). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8630 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631 ======================== Updated packages in core/updates_testing: ======================== krb5-1.12.2-8.3.mga5 libkrb53-devel-1.12.2-8.3.mga5 libkrb53-1.12.2-8.3.mga5 krb5-server-1.12.2-8.3.mga5 krb5-server-ldap-1.12.2-8.3.mga5 krb5-workstation-1.12.2-8.3.mga5 krb5-pkinit-openssl-1.12.2-8.3.mga5 from krb5-1.12.2-8.3.mga5.src.rpm Reproducible: Steps to Reproduce:
Testing procedure: https://wiki.mageia.org/en/QA_procedure:Krb5
Whiteboard: (none) => has_procedure
Fedora has issued an advisory for this on January 31: https://lists.fedoraproject.org/pipermail/package-announce/2016-January/176451.html Advisory: ======================== Updated krb5 packages fix security vulnerabilities: In all versions of MIT krb5, an authenticated attacker can cause kadmind to read beyond the end of allocated memory by sending a string without a terminating zero byte. Information leakage may be possible for an attacker with permission to modify the database (CVE-2015-8629). In MIT krb5 1.12 and later, an authenticated attacker with permission to modify a principal entry can cause kadmind to dereference a null pointer by supplying a null policy value but including KADM5_POLICY in the mask (CVE-2015-8630). In all versions of MIT krb5, an authenticated attacker can cause kadmind to leak memory by supplying a null principal name in a request which uses one. Repeating these requests will eventually cause kadmind to exhaust all available memory (CVE-2015-8631). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8630 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631 https://lists.fedoraproject.org/pipermail/package-announce/2016-January/176451.html
URL: (none) => http://lwn.net/Vulnerabilities/674262/
MGA5-32 on Acer D620 Xfce No installation issues. Followed procedure as per Comment 1: OK $ kinit Password for tester5@xxxx.yyyy.zzzz: [tester5@xxxx essentialsql]$ klist Ticket cache: FILE:/tmp/krb5cc_1000 Default principal: tester5@xxxx.yyyy.zzzz Valid starting Expires Service principal 04-02-16 16:15:05 05-02-16 16:15:05 krbtgt/xxxx.yyyy.zzz@xxxx.yyyy.zzzz [tester5@xxx essentialsql]$ krlogin $(hostname) This rlogin session is encrypting all data transmissions. Last login: Thu Feb 4 15:12:04 on :0
CC: (none) => herman.viaeneWhiteboard: has_procedure => has_procedure MGA5-32-OK
Keywords: (none) => validated_updateWhiteboard: has_procedure MGA5-32-OK => has_procedure MGA5-32-OK advisoryCC: (none) => davidwhodgins, sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0052.html
Status: NEW => RESOLVEDResolution: (none) => FIXED