{"affected":[{"ecosystem_specific":{"binaries":[{"krb5-devel":"1.12.1-9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12","name":"krb5","purl":"pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.12.1-9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"krb5":"1.12.1-9.1","krb5-32bit":"1.12.1-9.1","krb5-client":"1.12.1-9.1","krb5-doc":"1.12.1-9.1","krb5-plugin-kdb-ldap":"1.12.1-9.1","krb5-plugin-preauth-otp":"1.12.1-9.1","krb5-plugin-preauth-pkinit":"1.12.1-9.1","krb5-server":"1.12.1-9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12","name":"krb5","purl":"pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.12.1-9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"krb5":"1.12.1-9.1","krb5-32bit":"1.12.1-9.1","krb5-client":"1.12.1-9.1","krb5-doc":"1.12.1-9.1","krb5-plugin-kdb-ldap":"1.12.1-9.1","krb5-plugin-preauth-otp":"1.12.1-9.1","krb5-plugin-preauth-pkinit":"1.12.1-9.1","krb5-server":"1.12.1-9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12","name":"krb5","purl":"pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.12.1-9.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nMIT kerberos krb5 was updated to fix several security issues and bugs.\n\nSecurity issues fixed:\nCVE-2014-5351: The kadm5_randkey_principal_3 function in\nlib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5)\nsent old keys in a response to a -randkey -keepold request, which allowed\nremote authenticated users to forge tickets by leveraging administrative\naccess.\n\nCVE-2014-5352: In the MIT krb5 libgssapi_krb5 library, after\ngss_process_context_token() is used to process a valid context\ndeletion token, the caller was left with a security context handle\ncontaining a dangling pointer.  Further uses of this handle would have\nresulted in use-after-free and double-free memory access violations.\nlibgssrpc server applications such as kadmind were vulnerable as they\ncan be instructed to call gss_process_context_token().\n\nCVE-2014-9421: If the MIT krb5 kadmind daemon receives invalid XDR\ndata from an authenticated user, it may have performed use-after-free and\ndouble-free memory access violations while cleaning up the partial\ndeserialization results. Other libgssrpc server applications might also\nbeen vulnerable if they contain insufficiently defensive XDR functions.\n\nCVE-2014-9422: The MIT krb5 kadmind daemon incorrectly accepted\nauthentications to two-component server principals whose first\ncomponent is a left substring of 'kadmin' or whose realm is a left\nprefix of the default realm.\n\nCVE-2014-9423: libgssrpc applications including kadmind output four or\neight bytes of uninitialized memory to the network as part of an\nunused 'handle' field in replies to clients.\n\nBugs fixed:\n- Work around replay cache creation race; (bnc#898439).\n","id":"SUSE-SU-2015:0290-1","modified":"2015-01-21T10:07:55Z","published":"2015-01-21T10:07:55Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20150290-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/897874"},{"type":"REPORT","url":"https://bugzilla.suse.com/898439"},{"type":"REPORT","url":"https://bugzilla.suse.com/912002"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-5351"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-5352"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-9421"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-9422"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-9423"}],"related":["CVE-2014-5351","CVE-2014-5352","CVE-2014-9421","CVE-2014-9422","CVE-2014-9423"],"summary":"Security update for krb5","upstream":["CVE-2014-5351","CVE-2014-5352","CVE-2014-9421","CVE-2014-9422","CVE-2014-9423"]}