RHSA-2022:8648: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
Red Hat Security Data

Issued: 2022-11-28

Updated: 2022-11-28

RHSA-2022:8648 - Security Advisory

Synopsis

Important: krb5 security update

Type/Severity

Security Advisory: Important

Topic

An update for krb5 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):

  • krb5: integer overflow vulnerabilities in PAC parsing (CVE-2022-42898)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, running Kerberos services (krb5kdc, kadmin, and kprop) will be restarted automatically.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64

Fixes

  • BZ - 2140960 - CVE-2022-42898 krb5: integer overflow vulnerabilities in PAC parsing

Red Hat Enterprise Linux Server - AUS 8.2

SRPM

  • krb5-1.17-19.el8_2.src.rpm

x86_64

  • krb5-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-debugsource-1.17-19.el8_2.i686.rpm
  • krb5-debugsource-1.17-19.el8_2.x86_64.rpm
  • krb5-devel-1.17-19.el8_2.i686.rpm
  • krb5-devel-1.17-19.el8_2.x86_64.rpm
  • krb5-devel-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-devel-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-libs-1.17-19.el8_2.i686.rpm
  • krb5-libs-1.17-19.el8_2.x86_64.rpm
  • krb5-libs-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-libs-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-pkinit-1.17-19.el8_2.i686.rpm
  • krb5-pkinit-1.17-19.el8_2.x86_64.rpm
  • krb5-pkinit-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-pkinit-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-server-1.17-19.el8_2.i686.rpm
  • krb5-server-1.17-19.el8_2.x86_64.rpm
  • krb5-server-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-server-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-server-ldap-1.17-19.el8_2.i686.rpm
  • krb5-server-ldap-1.17-19.el8_2.x86_64.rpm
  • krb5-server-ldap-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-server-ldap-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-workstation-1.17-19.el8_2.x86_64.rpm
  • krb5-workstation-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-workstation-debuginfo-1.17-19.el8_2.x86_64.rpm
  • libkadm5-1.17-19.el8_2.i686.rpm
  • libkadm5-1.17-19.el8_2.x86_64.rpm
  • libkadm5-debuginfo-1.17-19.el8_2.i686.rpm
  • libkadm5-debuginfo-1.17-19.el8_2.x86_64.rpm

Red Hat Enterprise Linux Server - TUS 8.2

SRPM

  • krb5-1.17-19.el8_2.src.rpm

x86_64

  • krb5-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-debugsource-1.17-19.el8_2.i686.rpm
  • krb5-debugsource-1.17-19.el8_2.x86_64.rpm
  • krb5-devel-1.17-19.el8_2.i686.rpm
  • krb5-devel-1.17-19.el8_2.x86_64.rpm
  • krb5-devel-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-devel-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-libs-1.17-19.el8_2.i686.rpm
  • krb5-libs-1.17-19.el8_2.x86_64.rpm
  • krb5-libs-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-libs-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-pkinit-1.17-19.el8_2.i686.rpm
  • krb5-pkinit-1.17-19.el8_2.x86_64.rpm
  • krb5-pkinit-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-pkinit-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-server-1.17-19.el8_2.i686.rpm
  • krb5-server-1.17-19.el8_2.x86_64.rpm
  • krb5-server-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-server-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-server-ldap-1.17-19.el8_2.i686.rpm
  • krb5-server-ldap-1.17-19.el8_2.x86_64.rpm
  • krb5-server-ldap-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-server-ldap-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-workstation-1.17-19.el8_2.x86_64.rpm
  • krb5-workstation-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-workstation-debuginfo-1.17-19.el8_2.x86_64.rpm
  • libkadm5-1.17-19.el8_2.i686.rpm
  • libkadm5-1.17-19.el8_2.x86_64.rpm
  • libkadm5-debuginfo-1.17-19.el8_2.i686.rpm
  • libkadm5-debuginfo-1.17-19.el8_2.x86_64.rpm

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2

SRPM

  • krb5-1.17-19.el8_2.src.rpm

ppc64le

  • krb5-debuginfo-1.17-19.el8_2.ppc64le.rpm
  • krb5-debugsource-1.17-19.el8_2.ppc64le.rpm
  • krb5-devel-1.17-19.el8_2.ppc64le.rpm
  • krb5-devel-debuginfo-1.17-19.el8_2.ppc64le.rpm
  • krb5-libs-1.17-19.el8_2.ppc64le.rpm
  • krb5-libs-debuginfo-1.17-19.el8_2.ppc64le.rpm
  • krb5-pkinit-1.17-19.el8_2.ppc64le.rpm
  • krb5-pkinit-debuginfo-1.17-19.el8_2.ppc64le.rpm
  • krb5-server-1.17-19.el8_2.ppc64le.rpm
  • krb5-server-debuginfo-1.17-19.el8_2.ppc64le.rpm
  • krb5-server-ldap-1.17-19.el8_2.ppc64le.rpm
  • krb5-server-ldap-debuginfo-1.17-19.el8_2.ppc64le.rpm
  • krb5-workstation-1.17-19.el8_2.ppc64le.rpm
  • krb5-workstation-debuginfo-1.17-19.el8_2.ppc64le.rpm
  • libkadm5-1.17-19.el8_2.ppc64le.rpm
  • libkadm5-debuginfo-1.17-19.el8_2.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2

SRPM

  • krb5-1.17-19.el8_2.src.rpm

x86_64

  • krb5-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-debugsource-1.17-19.el8_2.i686.rpm
  • krb5-debugsource-1.17-19.el8_2.x86_64.rpm
  • krb5-devel-1.17-19.el8_2.i686.rpm
  • krb5-devel-1.17-19.el8_2.x86_64.rpm
  • krb5-devel-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-devel-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-libs-1.17-19.el8_2.i686.rpm
  • krb5-libs-1.17-19.el8_2.x86_64.rpm
  • krb5-libs-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-libs-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-pkinit-1.17-19.el8_2.i686.rpm
  • krb5-pkinit-1.17-19.el8_2.x86_64.rpm
  • krb5-pkinit-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-pkinit-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-server-1.17-19.el8_2.i686.rpm
  • krb5-server-1.17-19.el8_2.x86_64.rpm
  • krb5-server-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-server-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-server-ldap-1.17-19.el8_2.i686.rpm
  • krb5-server-ldap-1.17-19.el8_2.x86_64.rpm
  • krb5-server-ldap-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-server-ldap-debuginfo-1.17-19.el8_2.x86_64.rpm
  • krb5-workstation-1.17-19.el8_2.x86_64.rpm
  • krb5-workstation-debuginfo-1.17-19.el8_2.i686.rpm
  • krb5-workstation-debuginfo-1.17-19.el8_2.x86_64.rpm
  • libkadm5-1.17-19.el8_2.i686.rpm
  • libkadm5-1.17-19.el8_2.x86_64.rpm
  • libkadm5-debuginfo-1.17-19.el8_2.i686.rpm
  • libkadm5-debuginfo-1.17-19.el8_2.x86_64.rpm

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

CVE-2023-22130: Oracle Critical Patch Update Advisory - October 2023

Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The supported version that is affected is 8.8.60. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

Red Hat Security Advisory 2023-3664-01

Red Hat Security Advisory 2023-3664-01 - Release of Security Advisory for the OpenShift Jenkins image and Jenkins agent base image.

RHSA-2023:3624: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24534: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service. * CVE-2023-24536: A flaw was found in Golang Go, where it is vulnerable to a denial of service cause...

RHSA-2023:0584: Red Hat Security Advisory: Secondary Scheduler Operator for Red Hat OpenShift 1.1.1 security update

Secondary Scheduler Operator for Red Hat OpenShift 1.1.1 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2880: A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query ...

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...

Red Hat Security Advisory 2023-1174-01

Red Hat Security Advisory 2023-1174-01 - OpenShift API for Data Protection (OADP) 1.1.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate.

RHSA-2023:0934: Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update

Migration Toolkit for Applications 6.0.1 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36567: A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path. * CVE-2021-35065: A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to...

Red Hat Security Advisory 2023-0786-01

Red Hat Security Advisory 2023-0786-01 - Network observability is an OpenShift operator that provides a monitoring pipeline to collect and enrich network flows that are produced by the Network observability eBPF agent. The operator provides dashboards, metrics, and keeps flows accessible in a queryable log store, Grafana Loki. When a FlowCollector is deployed, new dashboards are available in the Console.

RHSA-2023:0786: Red Hat Security Advisory: Network observability 1.1.0 security update

Network observability 1.1.0 release for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0813: A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki authToken configuration is set to FORWARD mode, authentication is no longer enforced, allowing any user who can connect to the OpenShift Console in an OpenShift cluster to retrieve flows without authentication.

RHSA-2023:0634: Red Hat Security Advisory: Red Hat OpenShift (Logging Subsystem) security update

Logging Subsystem 5.6.1 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-35065: A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability. * CVE-2022-46175: A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned f...

RHSA-2023:0542: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.3.1 Containers security update

Red Hat OpenShift Service Mesh 2.3.1 Containers Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be * CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers * CVE-2022-2880: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * CVE-2022-3962: kiali: error message spoofing in kiali UI * CVE-2022-27664: golang: ...

Ubuntu Security Notice USN-5828-1

Ubuntu Security Notice 5828-1 - It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. Greg Hudson discovered that Kerberos PAC implementation incorrectly handled certain parsing operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

RHSA-2023:0408: Red Hat Security Advisory: OpenShift Virtualization 4.12.0 Images security update

Red Hat OpenShift Virtualization release 4.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2021-44716: golang: net/http: limit growth of header canonicalization cache * CVE-2021-44717: golang: syscall: don't close fd 0 on ForkExec error * CVE-2022-1705: golang: net/http: improper sanitizat...

RHSA-2022:7399: Red Hat Security Advisory: OpenShift Container Platform 4.12.0 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-2879: golang: arc...

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

RHSA-2022:9040: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.3 security update

Red Hat Advanced Cluster Management for Kubernetes 2.6.3 General Availability release images, which provide security updates, fix bugs, and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3517: nodejs-minimatch: ReDoS via the braceExpand function * CVE-2022-41912: crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements

RHSA-2022:9029: Red Hat Security Advisory: Red Hat Virtualization Host security update [ovirt-4.5.3-3]

An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

RHSA-2022:8964: Red Hat Security Advisory: updated rh-sso-7/sso76-openshift-rhel8 container and operator related images

Updated rh-sso-7/sso76-openshift-rhel8 container image and rh-sso-7/sso7-rhel8-operator-bundle image are now available for RHEL-8 based Middleware Containers. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3782: keycloak: path traversal via double URL encoding
  • CVE-2022-3916: keycloak: Session takeover with OIDC offline refreshtokens

Red Hat Security Advisory 2022-8827-01

Red Hat Security Advisory 2022-8827-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes.

Red Hat Security Advisory 2022-8663-01

Red Hat Security Advisory 2022-8663-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.

RHSA-2022:8669: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

RHSA-2022:8663: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

RHSA-2022:8662: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

Red Hat Security Advisory 2022-8639-01

Red Hat Security Advisory 2022-8639-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2022-8638-01

Red Hat Security Advisory 2022-8638-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2022-8640-01

Red Hat Security Advisory 2022-8640-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2022-8648-01

Red Hat Security Advisory 2022-8648-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2022-8641-01

Red Hat Security Advisory 2022-8641-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.

Red Hat Security Advisory 2022-8637-01

Red Hat Security Advisory 2022-8637-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.

RHSA-2022:8640: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

RHSA-2022:8641: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

RHSA-2022:8639: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

RHSA-2022:8638: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

RHSA-2022:8637: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing

Debian Security Advisory 5287-1

Debian Linux Security Advisory 5287-1 - Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos.

Debian Security Advisory 5286-1

Debian Linux Security Advisory 5286-1 - Greg Hudson discovered integer overflow flaws in the PAC parsing in krb5, the MIT implementation of Kerberos, which may result in remote code execution (in a KDC, kadmin, or GSS or Kerberos application server process), information exposure (to a cross-realm KDC acting maliciously), or denial of service (KDC or kadmind process crash).