Mandriva has issued an advisory today (August 1): http://www.mandriva.com/en/support/security/advisories/?dis=2011&name=MDVSA-2012:111 Patched package uploaded for Mageia 1, Mageia 2, and Cauldron. Advisory: ======================== Updated krb5 packages fix security vulnerability: The MIT krb5 KDC (Key Distribution Center) daemon can free an uninitialized pointer while processing an unusual AS-REQ, corrupting the process heap and possibly causing the daemon to abnormally terminate. An attacker could use this vulnerability to execute malicious code, but exploiting frees of uninitialized pointers to execute code is believed to be difficult. It is possible that a legitimate client that is misconfigured in an unusual way could trigger this vulnerability (CVE-2012-1015). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1015 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2012-001.txt http://www.mandriva.com/en/support/security/advisories/?dis=2011&name=MDVSA-2012:111 ======================== Updated packages in core/updates_testing: ======================== krb5-1.8.3-5.4.mga1 libkrb53-devel-1.8.3-5.4.mga1 libkrb53-1.8.3-5.4.mga1 krb5-server-1.8.3-5.4.mga1 krb5-server-ldap-1.8.3-5.4.mga1 krb5-workstation-1.8.3-5.4.mga1 krb5-pkinit-openssl-1.8.3-5.4.mga1 krb5-1.9.2-2.3.mga2 libkrb53-devel-1.9.2-2.3.mga2 libkrb53-1.9.2-2.3.mga2 krb5-server-1.9.2-2.3.mga2 krb5-server-ldap-1.9.2-2.3.mga2 krb5-workstation-1.9.2-2.3.mga2 krb5-pkinit-openssl-1.9.2-2.3.mga2 from SRPMS: krb5-1.8.3-5.4.mga1.src.rpm krb5-1.9.2-2.3.mga2.src.rpm
Whiteboard: (none) => MGA1TOO
We've got a testing procedure for testing krb5: https://wiki.mageia.org/en/QA_procedure:Krb5 No known exploit, so following the testing procedure should be enough.
CC: (none) => stormiWhiteboard: MGA1TOO => MGA1TOO has_procedure
Testing complete on Mageia 1 i586. I'll be testing the others shortly.
CC: (none) => davidwhodgins
On Mageia 1 x86-64, everything is fine until I try to krlogin. There login fails, but there is no message displayed. In /var/log/auth.log, there is an error message ... klogind[32124]: Error reading message I'm trying to figure out what is causing the problem.
https://bugs.launchpad.net/ubuntu/+source/krb5-appl/+bug/564641 Seems to be the same problem and has a patch.
Whiteboard: MGA1TOO has_procedure => MGA1TOO has_procedure feedback
Testing complete on Mageia 2 x86-64. I'll retest Mageia 1 x86-64 to see if comment 3 is a regression. I've also updated the procedure to show what output krlogin should be displaying.
Whiteboard: MGA1TOO has_procedure feedback => MGA1TOO has_procedure feedback MGA1-32-OK MGA2-64-OK
Severity: normal => major
I've now confirmed the problem with krlogin in Mageia 1 x86-64 is not a regression. As klist shows the ticket is being granted, I'll consider testing complete on Mageia 1 64 bit, and will open a new bug report for the krlogin problem.
Whiteboard: MGA1TOO has_procedure feedback MGA1-32-OK MGA2-64-OK => MGA1TOO has_procedure feedback MGA1-32-OK MGA2-64-OK MGA1-64-OK
Whiteboard: MGA1TOO has_procedure feedback MGA1-32-OK MGA2-64-OK MGA1-64-OK => MGA1TOO has_procedure MGA1-32-OK MGA2-64-OK MGA1-64-OK
Testing complete. Bug 6939 opened for the krlogin problem. Could someone from the sysadmin team push the srpm krb5-1.9.2-2.3.mga2.src.rpm from Mageia 2 Core Updates Testing to Core Updates and the srpm krb5-1.8.3-5.4.mga1.src.rpm from Mageia 1 Core Updates Testing to Core Updates. Advisory: Updated krb5 packages fix security vulnerability: The MIT krb5 KDC (Key Distribution Center) daemon can free an uninitialized pointer while processing an unusual AS-REQ, corrupting the process heap and possibly causing the daemon to abnormally terminate. An attacker could use this vulnerability to execute malicious code, but exploiting frees of uninitialized pointers to execute code is believed to be difficult. It is possible that a legitimate client that is misconfigured in an unusual way could trigger this vulnerability (CVE-2012-1015). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1015 http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2012-001.txt http://www.mandriva.com/en/support/security/advisories/?dis=2011&name=MDVSA-2012:111 https://bugs.mageia.org/show_bug.cgi?id=6929
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsWhiteboard: MGA1TOO has_procedure MGA1-32-OK MGA2-64-OK MGA1-64-OK => MGA1TOO has_procedure MGA1-32-OK MGA2-64-OK MGA1-64-OK MGA2-32-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0196
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED