Security update for krb5 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:0501-1 Final 1 1 2016-02-18T08:28:14Z current 2016-02-18T08:28:14Z 2016-02-18T08:28:14Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for krb5 This update for krb5 fixes the following issues: - CVE-2015-8629: Information leak authenticated attackers with permissions to modify the database (bsc#963968) - CVE-2015-8630: An authenticated attacker with permission to modify a principal entry may have caused kadmind to crash (bsc#963964) - CVE-2015-8631: An authenticated attacker could have caused a memory leak in auditd by supplying a null principal name in request (bsc#963975) This update was imported from the SUSE:SLE-12:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html E-Mail link for openSUSE-SU-2016:0501-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 krb5-1.12.1-27.1 krb5-32bit-1.12.1-27.1 krb5-client-1.12.1-27.1 krb5-devel-1.12.1-27.1 krb5-devel-32bit-1.12.1-27.1 krb5-doc-1.12.1-27.1 krb5-mini-1.12.1-27.1 krb5-mini-devel-1.12.1-27.1 krb5-plugin-kdb-ldap-1.12.1-27.1 krb5-plugin-preauth-otp-1.12.1-27.1 krb5-plugin-preauth-pkinit-1.12.1-27.1 krb5-server-1.12.1-27.1 krb5-1.12.1-27.1 as a component of openSUSE Leap 42.1 krb5-32bit-1.12.1-27.1 as a component of openSUSE Leap 42.1 krb5-client-1.12.1-27.1 as a component of openSUSE Leap 42.1 krb5-devel-1.12.1-27.1 as a component of openSUSE Leap 42.1 krb5-devel-32bit-1.12.1-27.1 as a component of openSUSE Leap 42.1 krb5-doc-1.12.1-27.1 as a component of openSUSE Leap 42.1 krb5-mini-1.12.1-27.1 as a component of openSUSE Leap 42.1 krb5-mini-devel-1.12.1-27.1 as a component of openSUSE Leap 42.1 krb5-plugin-kdb-ldap-1.12.1-27.1 as a component of openSUSE Leap 42.1 krb5-plugin-preauth-otp-1.12.1-27.1 as a component of openSUSE Leap 42.1 krb5-plugin-preauth-pkinit-1.12.1-27.1 as a component of openSUSE Leap 42.1 krb5-server-1.12.1-27.1 as a component of openSUSE Leap 42.1 The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string. CVE-2015-8629 openSUSE Leap 42.1:krb5-1.12.1-27.1 openSUSE Leap 42.1:krb5-32bit-1.12.1-27.1 openSUSE Leap 42.1:krb5-client-1.12.1-27.1 openSUSE Leap 42.1:krb5-devel-1.12.1-27.1 openSUSE Leap 42.1:krb5-devel-32bit-1.12.1-27.1 openSUSE Leap 42.1:krb5-doc-1.12.1-27.1 openSUSE Leap 42.1:krb5-mini-1.12.1-27.1 openSUSE Leap 42.1:krb5-mini-devel-1.12.1-27.1 openSUSE Leap 42.1:krb5-plugin-kdb-ldap-1.12.1-27.1 openSUSE Leap 42.1:krb5-plugin-preauth-otp-1.12.1-27.1 openSUSE Leap 42.1:krb5-plugin-preauth-pkinit-1.12.1-27.1 openSUSE Leap 42.1:krb5-server-1.12.1-27.1 low 2.1 AV:N/AC:H/Au:S/C:P/I:N/A:N Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html https://www.suse.com/security/cve/CVE-2015-8629.html CVE-2015-8629 https://bugzilla.suse.com/770172 SUSE Bug 770172 https://bugzilla.suse.com/963968 SUSE Bug 963968 The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by specifying KADM5_POLICY with a NULL policy name. CVE-2015-8630 openSUSE Leap 42.1:krb5-1.12.1-27.1 openSUSE Leap 42.1:krb5-32bit-1.12.1-27.1 openSUSE Leap 42.1:krb5-client-1.12.1-27.1 openSUSE Leap 42.1:krb5-devel-1.12.1-27.1 openSUSE Leap 42.1:krb5-devel-32bit-1.12.1-27.1 openSUSE Leap 42.1:krb5-doc-1.12.1-27.1 openSUSE Leap 42.1:krb5-mini-1.12.1-27.1 openSUSE Leap 42.1:krb5-mini-devel-1.12.1-27.1 openSUSE Leap 42.1:krb5-plugin-kdb-ldap-1.12.1-27.1 openSUSE Leap 42.1:krb5-plugin-preauth-otp-1.12.1-27.1 openSUSE Leap 42.1:krb5-plugin-preauth-pkinit-1.12.1-27.1 openSUSE Leap 42.1:krb5-server-1.12.1-27.1 low 2.1 AV:N/AC:H/Au:S/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html https://www.suse.com/security/cve/CVE-2015-8630.html CVE-2015-8630 https://bugzilla.suse.com/963964 SUSE Bug 963964 Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name. CVE-2015-8631 openSUSE Leap 42.1:krb5-1.12.1-27.1 openSUSE Leap 42.1:krb5-32bit-1.12.1-27.1 openSUSE Leap 42.1:krb5-client-1.12.1-27.1 openSUSE Leap 42.1:krb5-devel-1.12.1-27.1 openSUSE Leap 42.1:krb5-devel-32bit-1.12.1-27.1 openSUSE Leap 42.1:krb5-doc-1.12.1-27.1 openSUSE Leap 42.1:krb5-mini-1.12.1-27.1 openSUSE Leap 42.1:krb5-mini-devel-1.12.1-27.1 openSUSE Leap 42.1:krb5-plugin-kdb-ldap-1.12.1-27.1 openSUSE Leap 42.1:krb5-plugin-preauth-otp-1.12.1-27.1 openSUSE Leap 42.1:krb5-plugin-preauth-pkinit-1.12.1-27.1 openSUSE Leap 42.1:krb5-server-1.12.1-27.1 moderate 6.3 AV:N/AC:M/Au:S/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-02/msg00110.html https://www.suse.com/security/cve/CVE-2015-8631.html CVE-2015-8631 https://bugzilla.suse.com/963975 SUSE Bug 963975