Sigurnosni propust u paketu krb5

Ranjivost koja omogućuje izvođenje napada uskraćivanjem usluge (eng. Denial of Service) pronađena je u radu paketa krb5.

Paket:	krb5 1.x
Operacijski sustavi:	Fedora 16
Kritičnost:	9.3
Problem:	neodgovarajuće rukovanje memorijom, pogreška u programskoj funkciji
Iskorištavanje:	udaljeno
Posljedica:	uskraćivanje usluga (DoS)
Rješenje:	programska zakrpa proizvođača
CVE:	CVE-2012-1015, CVE-2012-1013, CVE-2011-1530
Izvorni ID preporuke:	FEDORA-2012-11370
Izvor:	Fedora

Problem:
Ranjivost se javlja zbog nepravilnosti pri oslobađanju neinicijaliziranog pokazivača preko funkcije "free()".
Posljedica:
Zlonamjerni korisnici bi mogli srušiti aplikaciju, odnosno izazvati DoS stanje.
Rješenje:
Svim korisnicima se savjetuje instalacija nadogradnje.

Izvorni tekst preporuke

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-11370
2012-08-01 22:08:55
--------------------------------------------------------------------------------

Name        : krb5
Product     : Fedora 16
Version     : 1.9.4
Release     : 3.fc16
URL         : http://web.mit.edu/kerberos/www/
Summary     : The Kerberos network authentication system
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of cleartext passwords.

--------------------------------------------------------------------------------
Update Information:

This update updates the package from version 1.9.3 to version 1.9.4, mainly to
pick up a fix for an interoperability problem with Windows Server 2008R2
read-only domain controllers, and incorporates the upstream fix for
CVE-2012-1015, in which the KDC could be made to attempt to free an
uninitialized pointer.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 31 2012 Nalin Dahyabhai <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.9.4-3
- rebuild
* Tue Jul 31 2012 Nalin Dahyabhai <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.9.4-2
- add upstream patch to fix freeing an uninitialized pointer in the KDC
  (MITKRB5-SA-2012-001, CVE-2012-1015, #844777)
* Fri Jun 22 2012 Nalin Dahyabhai <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.9.4-1
- rebase to 1.9.4
  - drop the backport patch for CVE-2012-1013, no longer needed
  - drop some PDFs that no longer get built right
  - drop the backport patch for RT#6922, merged in as RT#7164
- backport a fix to allow a PKINIT client to handle SignedData from a KDC
  that's signed with a certificate that isn't in the SignedData, but which
  is available as an anchor or intermediate on the client (RT#7183)
* Fri Jun  1 2012 Nalin Dahyabhai <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.9.3-2
- pull up the patch to correct a possible NULL pointer dereference in
  kadmind (CVE-2012-1013, #827598)
* Mon May  7 2012 Nalin Dahyabhai <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.>
- skip the setfscreatecon() if fopen() is passed "rb" as the open mode (part
  of #819115)
* Thu Mar  8 2012 Nalin Dahyabhai <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.9.3-1
- update to 1.9.3
  - drop patch for CVE-2011-1530, incorporated upstream
  - drop patch for #756139, incorporated into 1.9 as RT#7007
- when removing -workstation, remove our files from the info index while
  the file is still there, in %preun, rather than %postun, and use the
  compressed file's name (#801035)
* Mon Jan 30 2012 Nalin Dahyabhai <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.9.2-6
- add patch to accept keytab entries with vno==0 as matches when we're
  searching for an entry with a specific name/kvno (#230382/#782211,RT#3349)
* Tue Dec 13 2011 Nalin Dahyabhai <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.9.2-5
- backport patch for RT#7046: tag a ccache containing credentials obtained via
  S4U2Proxy with the principal name of the proxying principal (part of #761317)
  so that the default principal name can be set to that of the client for which
  it is proxying, which results in the ccache looking more normal to consumers
  of the ccache that don't care that there's proxying going on
- pull in patch for RT#7047: allow tickets obtained via S4U2Proxy to be cached
  (more of #761317)
- backport patch for RT#7048: allow PAC verification to only bother trying to
  verify the signature with keys that it's given (still more of #761317)
* Tue Dec  6 2011 Nalin Dahyabhai <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.9.2-4
- apply upstream patch to fix a null pointer dereference when processing
  TGS requests (CVE-2011-1530, #753748)
* Wed Nov 30 2011 Nalin Dahyabhai <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.9.2-3
- correct a bug in the fix for #754001 so that the file creation context is
  consistently reset
* Tue Nov 22 2011 Nalin Dahyabhai <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.9.2-2
- pull patch from trunk so that when computing an HMAC, we don't assume that
  the HMAC output size is the same as the input key length (RT#6994, #756139)
* Tue Nov 15 2011 Nalin Dahyabhai <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.9.2-1
- update to 1.9.2, incorporating the recent security update and some of the
  things we were previously backporting, among other fixes
* Tue Nov 15 2011 Nalin Dahyabhai <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1.9.1-19
- selinux: reset the creation context properly after expunging replay caches
  if they were previously set to the default value (#754001)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #844777 - CVE-2012-1015 krb5: KDC daemon crash via free() of an
uninitialized pointer [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=844777
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update krb5' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Sigurnosni propust u paketu krb5

Tražilica portala

Aktivnosti

O CIS-u

Posljednje vijesti

Posljednji dokumenti

Sigurnosni propust u paketu krb5

Tražilica portala

Aktivnosti

O CIS-u

Posljednje sigurnosne preporuke

Posljednje vijesti

Popularni članci

Posljednji dokumenti