Headline
RHSA-2022:8662: Red Hat Security Advisory: krb5 security update
An update for krb5 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
Synopsis
Important: krb5 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for krb5 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).
Security Fix(es):
- krb5: integer overflow vulnerabilities in PAC parsing (CVE-2022-42898)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, running Kerberos services (krb5kdc, kadmin, and kprop) will be restarted automatically.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat Enterprise Linux Server - AUS 8.6 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.6 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Fixes
- BZ - 2140960 - CVE-2022-42898 krb5: integer overflow vulnerabilities in PAC parsing
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6
SRPM
krb5-1.18.2-15.el8_6.src.rpm
SHA-256: 475eec1219832a711af8a81d07cbe4588ec521c12d85d4357d83eda912f7dba1
x86_64
krb5-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 79fb909981512fb25638a2ab9c94b011de060bc06e211b6b61aabad17ae64d47
krb5-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: b9a54b4be563354633d7eee6db2f19268a387ab897f024e599b8379e7de56766
krb5-debugsource-1.18.2-15.el8_6.i686.rpm
SHA-256: d93310a3ad5887a0152e5bb825c741d06d6998e4e7496bf94d95036fa88ccffb
krb5-debugsource-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 301279870a68d331b76c2cc7ca809ef976dc3e10838f82415855ad9ddd98d126
krb5-devel-1.18.2-15.el8_6.i686.rpm
SHA-256: 2accbb201e56b594a20ac86fbe35281d861b9825090e2ee0910a33190f63251b
krb5-devel-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 2e84fb139208da3d134e0b603caa33f4cee0aa756a0903541ecd56c841476a22
krb5-devel-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 4dfe16f1a08b62cebd00f8dc657167b5b8139374c371ddab4c229a8414867a36
krb5-devel-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: a8c33ad61f80c5d681ac5020b6bc561ea932dbcd9ca6246fc87f29c6b4ed03f4
krb5-libs-1.18.2-15.el8_6.i686.rpm
SHA-256: 9a416140e81216134c4aa52f6c93962afe01fc25314227dcdbbb128dcadba3c7
krb5-libs-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 48f84e207fca003157c92c5b392361f7a0ea51229ed59436f08ec45ac283934b
krb5-libs-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: a9f9a5b244c14e08f3c8012154360c3d280df0c6f2a364f8a0b9cc5c3459cb7f
krb5-libs-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 79b6df2b042b33d747d0efa2b71aa7d35bfb98664027dd6c020e367bd910f64e
krb5-pkinit-1.18.2-15.el8_6.i686.rpm
SHA-256: 774f15ed284c0cbb78e0c7988882f0c6817600ccac47e19b6381f9706cb5b8c9
krb5-pkinit-1.18.2-15.el8_6.x86_64.rpm
SHA-256: f572578054f5f41a0fa408be2b0886d88e4e0f467f90da9e4358dd20ba8d3f9b
krb5-pkinit-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 5ba6672e74c93b5a65e8286d56f93d91c45f609ac0fb778b1db620cd13af4301
krb5-pkinit-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: c8d049dba9366d591c50c2cb2ebeea0175245f1c99a66101c705592cd3478a02
krb5-server-1.18.2-15.el8_6.i686.rpm
SHA-256: 1615ae366b9eb69d9df2dc36dc32ece5606286403b4e93912e04f217d5d0fae6
krb5-server-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 3cdbb9f2c4d6b3331a6f4b380b07a313d458dbb5f3d94847290f0ee323444d1d
krb5-server-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 1783806c50de58852013c00fb03eb223edbf11f50cb8a87ea914febd5509a551
krb5-server-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 9a337ecbd336dc68039366bac49616eb56529cb6754267f1f68d78d48b9c5713
krb5-server-ldap-1.18.2-15.el8_6.i686.rpm
SHA-256: 17724001f5744e257381acf7d41a8f7b05e4fbd6aae4da8415fd83724706aa18
krb5-server-ldap-1.18.2-15.el8_6.x86_64.rpm
SHA-256: f5dfcb788f3eb090eb16bfa1e9d0b202c8e97e733a786d2add0724592335254a
krb5-server-ldap-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 2fb884907512ca6492ef0e84e4f91478aa763c6a4027257679d6370e9ced3fc9
krb5-server-ldap-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 2ec6892533b5c420ada803a3d3f753e44b24869b5b846a0993af7f97cc305223
krb5-workstation-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 193c38580d90ae218d36ad3a3875e770acdacfcc94786243da57dad8ed110423
krb5-workstation-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 524c8c5b2077ec4e4e6fc378d4b6bee5fd2e4a5368680bfad7d76ca3485814e6
krb5-workstation-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: f49a0babaaf572d8e8fef909efbbd5e1a06df13cb27a295fec7ca8ae96476b0e
libkadm5-1.18.2-15.el8_6.i686.rpm
SHA-256: 33246cc2c777360cd1066b47bcff3077d71a1648a79792a03941760421ef289f
libkadm5-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 2d4f78929e464d254f998e1ef1c569d9ab031c303109bdea41b17deaa4fb52cf
libkadm5-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 989c32fdafa98495e7b3074fc35b2489e1e150407cd28e20607fd9b78555d207
libkadm5-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 4daeb6f6beaa4a27ad9ef943f3b1f625b27b6c7544678fcc60b5278ccd6047fb
Red Hat Enterprise Linux Server - AUS 8.6
SRPM
krb5-1.18.2-15.el8_6.src.rpm
SHA-256: 475eec1219832a711af8a81d07cbe4588ec521c12d85d4357d83eda912f7dba1
x86_64
krb5-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 79fb909981512fb25638a2ab9c94b011de060bc06e211b6b61aabad17ae64d47
krb5-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: b9a54b4be563354633d7eee6db2f19268a387ab897f024e599b8379e7de56766
krb5-debugsource-1.18.2-15.el8_6.i686.rpm
SHA-256: d93310a3ad5887a0152e5bb825c741d06d6998e4e7496bf94d95036fa88ccffb
krb5-debugsource-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 301279870a68d331b76c2cc7ca809ef976dc3e10838f82415855ad9ddd98d126
krb5-devel-1.18.2-15.el8_6.i686.rpm
SHA-256: 2accbb201e56b594a20ac86fbe35281d861b9825090e2ee0910a33190f63251b
krb5-devel-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 2e84fb139208da3d134e0b603caa33f4cee0aa756a0903541ecd56c841476a22
krb5-devel-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 4dfe16f1a08b62cebd00f8dc657167b5b8139374c371ddab4c229a8414867a36
krb5-devel-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: a8c33ad61f80c5d681ac5020b6bc561ea932dbcd9ca6246fc87f29c6b4ed03f4
krb5-libs-1.18.2-15.el8_6.i686.rpm
SHA-256: 9a416140e81216134c4aa52f6c93962afe01fc25314227dcdbbb128dcadba3c7
krb5-libs-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 48f84e207fca003157c92c5b392361f7a0ea51229ed59436f08ec45ac283934b
krb5-libs-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: a9f9a5b244c14e08f3c8012154360c3d280df0c6f2a364f8a0b9cc5c3459cb7f
krb5-libs-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 79b6df2b042b33d747d0efa2b71aa7d35bfb98664027dd6c020e367bd910f64e
krb5-pkinit-1.18.2-15.el8_6.i686.rpm
SHA-256: 774f15ed284c0cbb78e0c7988882f0c6817600ccac47e19b6381f9706cb5b8c9
krb5-pkinit-1.18.2-15.el8_6.x86_64.rpm
SHA-256: f572578054f5f41a0fa408be2b0886d88e4e0f467f90da9e4358dd20ba8d3f9b
krb5-pkinit-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 5ba6672e74c93b5a65e8286d56f93d91c45f609ac0fb778b1db620cd13af4301
krb5-pkinit-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: c8d049dba9366d591c50c2cb2ebeea0175245f1c99a66101c705592cd3478a02
krb5-server-1.18.2-15.el8_6.i686.rpm
SHA-256: 1615ae366b9eb69d9df2dc36dc32ece5606286403b4e93912e04f217d5d0fae6
krb5-server-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 3cdbb9f2c4d6b3331a6f4b380b07a313d458dbb5f3d94847290f0ee323444d1d
krb5-server-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 1783806c50de58852013c00fb03eb223edbf11f50cb8a87ea914febd5509a551
krb5-server-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 9a337ecbd336dc68039366bac49616eb56529cb6754267f1f68d78d48b9c5713
krb5-server-ldap-1.18.2-15.el8_6.i686.rpm
SHA-256: 17724001f5744e257381acf7d41a8f7b05e4fbd6aae4da8415fd83724706aa18
krb5-server-ldap-1.18.2-15.el8_6.x86_64.rpm
SHA-256: f5dfcb788f3eb090eb16bfa1e9d0b202c8e97e733a786d2add0724592335254a
krb5-server-ldap-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 2fb884907512ca6492ef0e84e4f91478aa763c6a4027257679d6370e9ced3fc9
krb5-server-ldap-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 2ec6892533b5c420ada803a3d3f753e44b24869b5b846a0993af7f97cc305223
krb5-workstation-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 193c38580d90ae218d36ad3a3875e770acdacfcc94786243da57dad8ed110423
krb5-workstation-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 524c8c5b2077ec4e4e6fc378d4b6bee5fd2e4a5368680bfad7d76ca3485814e6
krb5-workstation-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: f49a0babaaf572d8e8fef909efbbd5e1a06df13cb27a295fec7ca8ae96476b0e
libkadm5-1.18.2-15.el8_6.i686.rpm
SHA-256: 33246cc2c777360cd1066b47bcff3077d71a1648a79792a03941760421ef289f
libkadm5-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 2d4f78929e464d254f998e1ef1c569d9ab031c303109bdea41b17deaa4fb52cf
libkadm5-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 989c32fdafa98495e7b3074fc35b2489e1e150407cd28e20607fd9b78555d207
libkadm5-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 4daeb6f6beaa4a27ad9ef943f3b1f625b27b6c7544678fcc60b5278ccd6047fb
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6
SRPM
krb5-1.18.2-15.el8_6.src.rpm
SHA-256: 475eec1219832a711af8a81d07cbe4588ec521c12d85d4357d83eda912f7dba1
s390x
krb5-debuginfo-1.18.2-15.el8_6.s390x.rpm
SHA-256: baaa5a80972d05639414519995d24270deae69cd5bc3abd4cbf8d7a8709cabf6
krb5-debugsource-1.18.2-15.el8_6.s390x.rpm
SHA-256: b3f99d7fc27e3ef0f01769f591c823ef310f0f1ada3636eed971d4b9c8302e0e
krb5-devel-1.18.2-15.el8_6.s390x.rpm
SHA-256: 5cefc3c494b7de9e6ebb6407d9ed4ad5b5aacef5034fb4b01b3ed6a573464194
krb5-devel-debuginfo-1.18.2-15.el8_6.s390x.rpm
SHA-256: 55d28586f37a83eedf27269644abb0249dd8d4f3bef61d6cd643a854e1760b38
krb5-libs-1.18.2-15.el8_6.s390x.rpm
SHA-256: 28d1625a0d8ef321c40cd879e191a5be86698544bc89c2719dc43c652b55841b
krb5-libs-debuginfo-1.18.2-15.el8_6.s390x.rpm
SHA-256: 7491885b5f861b8bd4a9a591bf81c11c954390a1f40f5b6678701e2823d24b28
krb5-pkinit-1.18.2-15.el8_6.s390x.rpm
SHA-256: f2869f973557d03b27d7a88bf49e5e99cc0979ac408f2bbfe41ffe3b2b9d70fc
krb5-pkinit-debuginfo-1.18.2-15.el8_6.s390x.rpm
SHA-256: 3612d13d64794c42637827b4176a76ea830e56fae6d66862042afd3e3a7fc03b
krb5-server-1.18.2-15.el8_6.s390x.rpm
SHA-256: e7996611ed63e5fd2925a1036c34b9f7e9b6730c19a4d61a23a3de8d023c2edc
krb5-server-debuginfo-1.18.2-15.el8_6.s390x.rpm
SHA-256: d97193aa8148d9969fdcd2d146a0b3b75a9de2f86acbc08c5b3d728169b52ea4
krb5-server-ldap-1.18.2-15.el8_6.s390x.rpm
SHA-256: 1e5ab1e0120048f9b1c8a596de4c6905527ebbc136dfc7e9e2170a76fe9d5bc3
krb5-server-ldap-debuginfo-1.18.2-15.el8_6.s390x.rpm
SHA-256: 86359c74bd0ab0e997443fab7c51894898f28ec256c02076484f70e35dc7734e
krb5-workstation-1.18.2-15.el8_6.s390x.rpm
SHA-256: ec221994b91dd05b9f11e90f3c5e495d4783570ad3ea116bac54dbd72fed8ee6
krb5-workstation-debuginfo-1.18.2-15.el8_6.s390x.rpm
SHA-256: ba87a647f391989e19782a76f3bf9ea5929960f901c650626e7ddeb5a270668e
libkadm5-1.18.2-15.el8_6.s390x.rpm
SHA-256: 2d89143a1198d4ffc70af819fc40dc6654eed92d5dfc7e46469381eb86023d92
libkadm5-debuginfo-1.18.2-15.el8_6.s390x.rpm
SHA-256: 708ad52b062b7db3eed0700075613079a45082a3c9a5c2f40a8d61b1e36833b0
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6
SRPM
krb5-1.18.2-15.el8_6.src.rpm
SHA-256: 475eec1219832a711af8a81d07cbe4588ec521c12d85d4357d83eda912f7dba1
ppc64le
krb5-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 068d4f9dd1129cbccdd3a8ec40c9ef65779e973e51fa27180d7c8b8504392ea7
krb5-debugsource-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: b5dfb5f7779faf9256b8680be8ea981cd3c87b7289a6fd8ffecd2534a4dd90f4
krb5-devel-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: c7e886229d3842306cad392da4bdf83aeb4d4c32851e3023a24afb29f7dd45ef
krb5-devel-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 298b4d9f392796f6aaf418766c82b59e04324653b14b08341b96e4027e3039cb
krb5-libs-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: e77c53cfea7c6a8c408d03c0762aff116eb22af6fcf06fd87bf25718daa1087f
krb5-libs-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 8968e6746dba8b654a5715247f38a227873501b5174a202c92e2509724384aa6
krb5-pkinit-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 8e3b7aad65863920554b70f2caa2a87b0b3313e5c4c474155fda8e1b32ad9943
krb5-pkinit-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 2052c454e5a0dfed23c6d7c5acf60541cdce903d67df49d18ec17db14d98e2d2
krb5-server-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 2eb5b351b2b087dcdcf87df12c299b7e34f538bca5d6af76a6d77f243f15eb7b
krb5-server-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 6a4e6c74c44291cc6e12fe538685ce8f0f31bf9deb0b95f56d5a57f15a5a1e74
krb5-server-ldap-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 710696a29806384b432d10fe274168386627d629fc8b2cae9fabc9e1f63cf59e
krb5-server-ldap-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: c75f5c03b982275a6f727517021d0e5eef35f66bd942ac320d76a6056ad0b75c
krb5-workstation-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 17613b8ca6d63279fec32ace73059d0e887d88d37ba531ccaad5a46f868f6db7
krb5-workstation-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 66dddaae36b259a2c6c2b3a84c481c6a9a53e45c90ade1a6ca91c1a91fce8d18
libkadm5-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 4589d8a36f2c0358e72c72d720706166f46bc23f315cb645ed4bb3fd3c394e68
libkadm5-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 6d2cc6d6d47ef85f497274525f1865223106ffdc2000fcfa7ebcf0f1cd7a3845
Red Hat Enterprise Linux Server - TUS 8.6
SRPM
krb5-1.18.2-15.el8_6.src.rpm
SHA-256: 475eec1219832a711af8a81d07cbe4588ec521c12d85d4357d83eda912f7dba1
x86_64
krb5-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 79fb909981512fb25638a2ab9c94b011de060bc06e211b6b61aabad17ae64d47
krb5-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: b9a54b4be563354633d7eee6db2f19268a387ab897f024e599b8379e7de56766
krb5-debugsource-1.18.2-15.el8_6.i686.rpm
SHA-256: d93310a3ad5887a0152e5bb825c741d06d6998e4e7496bf94d95036fa88ccffb
krb5-debugsource-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 301279870a68d331b76c2cc7ca809ef976dc3e10838f82415855ad9ddd98d126
krb5-devel-1.18.2-15.el8_6.i686.rpm
SHA-256: 2accbb201e56b594a20ac86fbe35281d861b9825090e2ee0910a33190f63251b
krb5-devel-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 2e84fb139208da3d134e0b603caa33f4cee0aa756a0903541ecd56c841476a22
krb5-devel-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 4dfe16f1a08b62cebd00f8dc657167b5b8139374c371ddab4c229a8414867a36
krb5-devel-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: a8c33ad61f80c5d681ac5020b6bc561ea932dbcd9ca6246fc87f29c6b4ed03f4
krb5-libs-1.18.2-15.el8_6.i686.rpm
SHA-256: 9a416140e81216134c4aa52f6c93962afe01fc25314227dcdbbb128dcadba3c7
krb5-libs-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 48f84e207fca003157c92c5b392361f7a0ea51229ed59436f08ec45ac283934b
krb5-libs-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: a9f9a5b244c14e08f3c8012154360c3d280df0c6f2a364f8a0b9cc5c3459cb7f
krb5-libs-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 79b6df2b042b33d747d0efa2b71aa7d35bfb98664027dd6c020e367bd910f64e
krb5-pkinit-1.18.2-15.el8_6.i686.rpm
SHA-256: 774f15ed284c0cbb78e0c7988882f0c6817600ccac47e19b6381f9706cb5b8c9
krb5-pkinit-1.18.2-15.el8_6.x86_64.rpm
SHA-256: f572578054f5f41a0fa408be2b0886d88e4e0f467f90da9e4358dd20ba8d3f9b
krb5-pkinit-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 5ba6672e74c93b5a65e8286d56f93d91c45f609ac0fb778b1db620cd13af4301
krb5-pkinit-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: c8d049dba9366d591c50c2cb2ebeea0175245f1c99a66101c705592cd3478a02
krb5-server-1.18.2-15.el8_6.i686.rpm
SHA-256: 1615ae366b9eb69d9df2dc36dc32ece5606286403b4e93912e04f217d5d0fae6
krb5-server-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 3cdbb9f2c4d6b3331a6f4b380b07a313d458dbb5f3d94847290f0ee323444d1d
krb5-server-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 1783806c50de58852013c00fb03eb223edbf11f50cb8a87ea914febd5509a551
krb5-server-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 9a337ecbd336dc68039366bac49616eb56529cb6754267f1f68d78d48b9c5713
krb5-server-ldap-1.18.2-15.el8_6.i686.rpm
SHA-256: 17724001f5744e257381acf7d41a8f7b05e4fbd6aae4da8415fd83724706aa18
krb5-server-ldap-1.18.2-15.el8_6.x86_64.rpm
SHA-256: f5dfcb788f3eb090eb16bfa1e9d0b202c8e97e733a786d2add0724592335254a
krb5-server-ldap-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 2fb884907512ca6492ef0e84e4f91478aa763c6a4027257679d6370e9ced3fc9
krb5-server-ldap-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 2ec6892533b5c420ada803a3d3f753e44b24869b5b846a0993af7f97cc305223
krb5-workstation-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 193c38580d90ae218d36ad3a3875e770acdacfcc94786243da57dad8ed110423
krb5-workstation-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 524c8c5b2077ec4e4e6fc378d4b6bee5fd2e4a5368680bfad7d76ca3485814e6
krb5-workstation-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: f49a0babaaf572d8e8fef909efbbd5e1a06df13cb27a295fec7ca8ae96476b0e
libkadm5-1.18.2-15.el8_6.i686.rpm
SHA-256: 33246cc2c777360cd1066b47bcff3077d71a1648a79792a03941760421ef289f
libkadm5-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 2d4f78929e464d254f998e1ef1c569d9ab031c303109bdea41b17deaa4fb52cf
libkadm5-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 989c32fdafa98495e7b3074fc35b2489e1e150407cd28e20607fd9b78555d207
libkadm5-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 4daeb6f6beaa4a27ad9ef943f3b1f625b27b6c7544678fcc60b5278ccd6047fb
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6
SRPM
krb5-1.18.2-15.el8_6.src.rpm
SHA-256: 475eec1219832a711af8a81d07cbe4588ec521c12d85d4357d83eda912f7dba1
aarch64
krb5-debuginfo-1.18.2-15.el8_6.aarch64.rpm
SHA-256: a0a52009b69ed8ce302017ead265675c29e0648e5da49f74bfa94223e2853c78
krb5-debugsource-1.18.2-15.el8_6.aarch64.rpm
SHA-256: 4a50bd6dd2937cb4b7fba7ed29464021925f0c718cd0e176e334405f24ad3ef3
krb5-devel-1.18.2-15.el8_6.aarch64.rpm
SHA-256: 007a992ca64205f265f5d64feb0b154ffd28aef2011934bd71524cd4d5e78ea7
krb5-devel-debuginfo-1.18.2-15.el8_6.aarch64.rpm
SHA-256: 901948c8476f4ef79150758359fc8cc7f09f07bb9b25460b97f5187111a9f413
krb5-libs-1.18.2-15.el8_6.aarch64.rpm
SHA-256: a2cb96590e448b62fa5d99104752d2df8e9a33370a6b5804e06c8deb14f9bccb
krb5-libs-debuginfo-1.18.2-15.el8_6.aarch64.rpm
SHA-256: b44119b1573550e349114dfbee5ad4d912abba2667a71f6be372c6fc7ac1af65
krb5-pkinit-1.18.2-15.el8_6.aarch64.rpm
SHA-256: e76933ed9d2956b5662b4399f98979343f1ef454191bb57adcaa360e5361e435
krb5-pkinit-debuginfo-1.18.2-15.el8_6.aarch64.rpm
SHA-256: 992c9185ffc614e5d0033ad0ed5fc662a8667887f35148b5db65d31faeacf43c
krb5-server-1.18.2-15.el8_6.aarch64.rpm
SHA-256: 9cec2e220c618f116ac93d7da51567a9f81bed4f34faaa301cad066fc748c246
krb5-server-debuginfo-1.18.2-15.el8_6.aarch64.rpm
SHA-256: f97b29d408715d132de0fc55b76e1968fcc0664e1c61310dfa412be39820db4b
krb5-server-ldap-1.18.2-15.el8_6.aarch64.rpm
SHA-256: c9b1dc2bc2b9cec6f2efe3eee5d4f374125255a4c7be6a49d20ae54a73b2e694
krb5-server-ldap-debuginfo-1.18.2-15.el8_6.aarch64.rpm
SHA-256: 3cd6668fb37457504a8b430c63c4be4f58a527f8c0d878aff694fb1a2ef3cf8c
krb5-workstation-1.18.2-15.el8_6.aarch64.rpm
SHA-256: 2e578d045c30e6322fe2056c45a175039e2d721177c1cbccf239cd96b309d912
krb5-workstation-debuginfo-1.18.2-15.el8_6.aarch64.rpm
SHA-256: 6fa2dcdbd3b9d80db605fc77540d4e985cb92ce4a1ee0def9f98a3cc5d195864
libkadm5-1.18.2-15.el8_6.aarch64.rpm
SHA-256: 2d1e4b1e84968f15c8aefc682743840c7c030d320957cb954c82f04b50b215b1
libkadm5-debuginfo-1.18.2-15.el8_6.aarch64.rpm
SHA-256: 2fb733335e0d420d5ca47f2fc743e51e5063b7d891a38111e1805f40269236f7
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6
SRPM
krb5-1.18.2-15.el8_6.src.rpm
SHA-256: 475eec1219832a711af8a81d07cbe4588ec521c12d85d4357d83eda912f7dba1
ppc64le
krb5-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 068d4f9dd1129cbccdd3a8ec40c9ef65779e973e51fa27180d7c8b8504392ea7
krb5-debugsource-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: b5dfb5f7779faf9256b8680be8ea981cd3c87b7289a6fd8ffecd2534a4dd90f4
krb5-devel-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: c7e886229d3842306cad392da4bdf83aeb4d4c32851e3023a24afb29f7dd45ef
krb5-devel-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 298b4d9f392796f6aaf418766c82b59e04324653b14b08341b96e4027e3039cb
krb5-libs-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: e77c53cfea7c6a8c408d03c0762aff116eb22af6fcf06fd87bf25718daa1087f
krb5-libs-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 8968e6746dba8b654a5715247f38a227873501b5174a202c92e2509724384aa6
krb5-pkinit-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 8e3b7aad65863920554b70f2caa2a87b0b3313e5c4c474155fda8e1b32ad9943
krb5-pkinit-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 2052c454e5a0dfed23c6d7c5acf60541cdce903d67df49d18ec17db14d98e2d2
krb5-server-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 2eb5b351b2b087dcdcf87df12c299b7e34f538bca5d6af76a6d77f243f15eb7b
krb5-server-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 6a4e6c74c44291cc6e12fe538685ce8f0f31bf9deb0b95f56d5a57f15a5a1e74
krb5-server-ldap-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 710696a29806384b432d10fe274168386627d629fc8b2cae9fabc9e1f63cf59e
krb5-server-ldap-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: c75f5c03b982275a6f727517021d0e5eef35f66bd942ac320d76a6056ad0b75c
krb5-workstation-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 17613b8ca6d63279fec32ace73059d0e887d88d37ba531ccaad5a46f868f6db7
krb5-workstation-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 66dddaae36b259a2c6c2b3a84c481c6a9a53e45c90ade1a6ca91c1a91fce8d18
libkadm5-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 4589d8a36f2c0358e72c72d720706166f46bc23f315cb645ed4bb3fd3c394e68
libkadm5-debuginfo-1.18.2-15.el8_6.ppc64le.rpm
SHA-256: 6d2cc6d6d47ef85f497274525f1865223106ffdc2000fcfa7ebcf0f1cd7a3845
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6
SRPM
krb5-1.18.2-15.el8_6.src.rpm
SHA-256: 475eec1219832a711af8a81d07cbe4588ec521c12d85d4357d83eda912f7dba1
x86_64
krb5-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 79fb909981512fb25638a2ab9c94b011de060bc06e211b6b61aabad17ae64d47
krb5-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: b9a54b4be563354633d7eee6db2f19268a387ab897f024e599b8379e7de56766
krb5-debugsource-1.18.2-15.el8_6.i686.rpm
SHA-256: d93310a3ad5887a0152e5bb825c741d06d6998e4e7496bf94d95036fa88ccffb
krb5-debugsource-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 301279870a68d331b76c2cc7ca809ef976dc3e10838f82415855ad9ddd98d126
krb5-devel-1.18.2-15.el8_6.i686.rpm
SHA-256: 2accbb201e56b594a20ac86fbe35281d861b9825090e2ee0910a33190f63251b
krb5-devel-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 2e84fb139208da3d134e0b603caa33f4cee0aa756a0903541ecd56c841476a22
krb5-devel-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 4dfe16f1a08b62cebd00f8dc657167b5b8139374c371ddab4c229a8414867a36
krb5-devel-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: a8c33ad61f80c5d681ac5020b6bc561ea932dbcd9ca6246fc87f29c6b4ed03f4
krb5-libs-1.18.2-15.el8_6.i686.rpm
SHA-256: 9a416140e81216134c4aa52f6c93962afe01fc25314227dcdbbb128dcadba3c7
krb5-libs-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 48f84e207fca003157c92c5b392361f7a0ea51229ed59436f08ec45ac283934b
krb5-libs-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: a9f9a5b244c14e08f3c8012154360c3d280df0c6f2a364f8a0b9cc5c3459cb7f
krb5-libs-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 79b6df2b042b33d747d0efa2b71aa7d35bfb98664027dd6c020e367bd910f64e
krb5-pkinit-1.18.2-15.el8_6.i686.rpm
SHA-256: 774f15ed284c0cbb78e0c7988882f0c6817600ccac47e19b6381f9706cb5b8c9
krb5-pkinit-1.18.2-15.el8_6.x86_64.rpm
SHA-256: f572578054f5f41a0fa408be2b0886d88e4e0f467f90da9e4358dd20ba8d3f9b
krb5-pkinit-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 5ba6672e74c93b5a65e8286d56f93d91c45f609ac0fb778b1db620cd13af4301
krb5-pkinit-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: c8d049dba9366d591c50c2cb2ebeea0175245f1c99a66101c705592cd3478a02
krb5-server-1.18.2-15.el8_6.i686.rpm
SHA-256: 1615ae366b9eb69d9df2dc36dc32ece5606286403b4e93912e04f217d5d0fae6
krb5-server-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 3cdbb9f2c4d6b3331a6f4b380b07a313d458dbb5f3d94847290f0ee323444d1d
krb5-server-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 1783806c50de58852013c00fb03eb223edbf11f50cb8a87ea914febd5509a551
krb5-server-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 9a337ecbd336dc68039366bac49616eb56529cb6754267f1f68d78d48b9c5713
krb5-server-ldap-1.18.2-15.el8_6.i686.rpm
SHA-256: 17724001f5744e257381acf7d41a8f7b05e4fbd6aae4da8415fd83724706aa18
krb5-server-ldap-1.18.2-15.el8_6.x86_64.rpm
SHA-256: f5dfcb788f3eb090eb16bfa1e9d0b202c8e97e733a786d2add0724592335254a
krb5-server-ldap-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 2fb884907512ca6492ef0e84e4f91478aa763c6a4027257679d6370e9ced3fc9
krb5-server-ldap-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 2ec6892533b5c420ada803a3d3f753e44b24869b5b846a0993af7f97cc305223
krb5-workstation-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 193c38580d90ae218d36ad3a3875e770acdacfcc94786243da57dad8ed110423
krb5-workstation-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 524c8c5b2077ec4e4e6fc378d4b6bee5fd2e4a5368680bfad7d76ca3485814e6
krb5-workstation-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: f49a0babaaf572d8e8fef909efbbd5e1a06df13cb27a295fec7ca8ae96476b0e
libkadm5-1.18.2-15.el8_6.i686.rpm
SHA-256: 33246cc2c777360cd1066b47bcff3077d71a1648a79792a03941760421ef289f
libkadm5-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 2d4f78929e464d254f998e1ef1c569d9ab031c303109bdea41b17deaa4fb52cf
libkadm5-debuginfo-1.18.2-15.el8_6.i686.rpm
SHA-256: 989c32fdafa98495e7b3074fc35b2489e1e150407cd28e20607fd9b78555d207
libkadm5-debuginfo-1.18.2-15.el8_6.x86_64.rpm
SHA-256: 4daeb6f6beaa4a27ad9ef943f3b1f625b27b6c7544678fcc60b5278ccd6047fb
Related news
Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The supported version that is affected is 8.8.60. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
Red Hat OpenShift Container Platform release 4.11.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21235: A flaw was found in the VCS package, caused by improper validation of user-supplied input. By using a specially-crafted argument, a remote attacker could execute arbitrary commands o...
Release of Bug Advisories for the OpenShift Jenkins image and Jenkins agent base image. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid. * CVE-2022-2880: A flaw was found in the golang package, where reques...
Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.
Red Hat Security Advisory 2023-1326-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, information leakage, out of bounds read, and remote SQL injection vulnerabilities.
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...
Red Hat Security Advisory 2023-1174-01 - OpenShift API for Data Protection (OADP) 1.1.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate.
Migration Toolkit for Applications 6.0.1 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36567: A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path. * CVE-2021-35065: A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to...
Red Hat Security Advisory 2023-0786-01 - Network observability is an OpenShift operator that provides a monitoring pipeline to collect and enrich network flows that are produced by the Network observability eBPF agent. The operator provides dashboards, metrics, and keeps flows accessible in a queryable log store, Grafana Loki. When a FlowCollector is deployed, new dashboards are available in the Console.
Network observability 1.1.0 release for OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0813: A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki authToken configuration is set to FORWARD mode, authentication is no longer enforced, allowing any user who can connect to the OpenShift Console in an OpenShift cluster to retrieve flows without authentication.
Logging Subsystem 5.6.1 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-35065: A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability. * CVE-2022-46175: A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned f...
Red Hat OpenShift Service Mesh 2.3.1 Containers Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4238: goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be * CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers * CVE-2022-2880: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * CVE-2022-3962: kiali: error message spoofing in kiali UI * CVE-2022-27664: golang: ...
Ubuntu Security Notice 5828-1 - It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. Greg Hudson discovered that Kerberos PAC implementation incorrectly handled certain parsing operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
Red Hat OpenShift Virtualization release 4.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2021-44716: golang: net/http: limit growth of header canonicalization cache * CVE-2021-44717: golang: syscall: don't close fd 0 on ForkExec error * CVE-2022-1705: golang: net/http: improper sanitizat...
Red Hat Security Advisory 2022-7399-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.0. Issues addressed include denial of service, memory leak, and out of bounds read vulnerabilities.
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."
Red Hat Advanced Cluster Management for Kubernetes 2.6.3 General Availability release images, which provide security updates, fix bugs, and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3517: nodejs-minimatch: ReDoS via the braceExpand function * CVE-2022-41912: crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements
An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
Red Hat Security Advisory 2022-8889-01 - This is an Openshift Logging bug fix release. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-8827-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes.
Red Hat Security Advisory 2022-8662-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
An update for krb5 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
Red Hat Security Advisory 2022-8639-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2022-8638-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2022-8648-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2022-8641-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2022-8637-01 - Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center. Issues addressed include an integer overflow vulnerability.
An update for krb5 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
An update for krb5 is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
An update for krb5 is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
An update for krb5 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42898: krb5: integer overflow vulnerabilities in PAC parsing
Debian Linux Security Advisory 5287-1 - Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos.