Lucene search
OracleLinuxELSA-2018-3071HistoryNov 05, 2018 - 12:00 a.m.
krb5 security, bug fix, and enhancement update
2018-11-0500:00:00
linux.oracle.com
500
4.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
58.6%
[1.15.1-34]
- In FIPS mode, add plaintext fallback for RC4 usages and taint
- Resolves: #1570600
[1.15.1-33] - Use SHA-256 instead of MD5 for audit ticket IDs
- Resolves: #1570600
[1.15.1-32] - Include preauth name in trace output if possible
- Update cert generation scripts to work on modern openssl
- Fix per-request preauth scoping
- Add test case for PKINIT DH renegotiation
- Echo KDC cookies in preauth tryagain
- Fall back to other preauth mechanisms after failures
- Resolves: #1540130
[1.15.1-31] - Add German translation
- Resolves: #1497301
[1.15.1-30] - Add default pkinit_anchors value to krb5.conf
- Resolves: #1508081
[1.15.1-29] - Process profile includedir in sorted order
- Also, ignore dotfiles in included directories
- Resolves: #1539824
[1.15.1-28] - Exit with status 0 from kadmind
- Resolves: #1373909
[1.15.1-27] - Continue after KRB5_CC_END in KCM cache iteration
- Resolves: #1563166
[1.15.1-26] - Merge duplicate subsections in profile library
- Resolves: #1519625
[1.15.1-25] - Fix service dependencies on network state
- Resolves: #1525232
[1.15.1-24] - Explicitly use openssl rather than builtin crypto
- Resolves: #1570600
[1.15.1-23] - Fix flaws in LDAP DN checking (CVE-2018-5729, CVE-2018-5730)
- Resolves: #1562684
- Resolves: #1562679
[1.15.1-22] - Fix segfault in finish_dispatch()
- Resolves: #1568970
[1.15.1-21] - Unparse SANs with NO_REALM
- Resolves: #1482457
[1.15.1-20] - Fix hex conversion of PKINIT certid strings
- Resolves: #1538491
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | krb5 | < 1.15.1-34.el7 | krb5-1.15.1-34.el7.src.rpm |
| oracle linux | 7 | aarch64 | krb5-devel | < 1.15.1-34.el7 | krb5-devel-1.15.1-34.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | krb5-libs | < 1.15.1-34.el7 | krb5-libs-1.15.1-34.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | krb5-pkinit | < 1.15.1-34.el7 | krb5-pkinit-1.15.1-34.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | krb5-server | < 1.15.1-34.el7 | krb5-server-1.15.1-34.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | krb5-server-ldap | < 1.15.1-34.el7 | krb5-server-ldap-1.15.1-34.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | krb5-workstation | < 1.15.1-34.el7 | krb5-workstation-1.15.1-34.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | libkadm5 | < 1.15.1-34.el7 | libkadm5-1.15.1-34.el7.aarch64.rpm |
| oracle linux | 7 | src | krb5 | < 1.15.1-34.el7 | krb5-1.15.1-34.el7.src.rpm |
| oracle linux | 7 | i686 | krb5-devel | < 1.15.1-34.el7 | krb5-devel-1.15.1-34.el7.i686.rpm |
Related
nessus
nessus
RHEL 7 : krb5 (RHSA-2018:3071)
2018-10-31 00:00:00
Oracle Linux 7 : krb5 (ELSA-2018-3071)
2018-11-07 00:00:00
openSUSE Security Update : krb5 (openSUSE-2018-328)
2018-04-02 00:00:00
redhat
redhat
(RHSA-2018:3071) Low: krb5 security, bug fix, and enhancement update
2018-10-30 04:15:51
openvas
openvas
Fedora Update for krb5 FEDORA-2018-f97cb1c9b0
2018-03-02 00:00:00
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2019-1184)
2020-01-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:0846-1)
2021-04-19 00:00:00
centos
centos
krb5, libkadm5 security update
2018-11-15 18:48:14
archlinux
archlinux
[ASA-201806-3] krb5: insufficient validation
2018-06-05 00:00:00
suse
suse
Security update for krb5 (important)
2019-02-05 00:00:00
ibm
ibm
altlinux
altlinux
Security fix for the ALT Linux 9 package krb5 version 1.16.1-alt1.S1
2018-08-27 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: krb5-1.15.2-7.fc26
2018-03-01 15:58:24
[SECURITY] Fedora 27 Update: krb5-1.15.2-7.fc27
2018-02-20 17:20:51
debian
debian
[SECURITY] [DLA 1643-1] krb5 security update
2019-01-25 22:46:23
[SECURITY] [DLA 2771-1] krb5 security update
2021-09-30 20:08:58
mageia
mageia
Updated krb5 packages fix security vulnerabilities
2018-03-02 00:27:52
osv
osv
krb5 - security update
2019-01-25 00:00:00
CVE-2018-5729
2018-03-06 20:29:00
krb5 - security update
2021-09-30 00:00:00
debiancve
debiancve
CVE-2018-5729
2018-03-06 20:29:00
CVE-2018-5730
2018-03-06 20:29:00
redhatcve
redhatcve
prion
prion
Null pointer dereference
2018-03-06 20:29:00
Code injection
2018-03-06 20:29:00
veracode
veracode
Denial Of Service (DoS) Through Null Pointer Dereference
2018-04-27 08:03:30
Container Check Bypass
2018-05-17 07:29:23
ubuntucve
ubuntucve
cve
cve
CVE-2018-5729
2018-03-06 20:29:00
CVE-2018-5730
2018-03-06 20:29:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-1.0-0177
2018-08-17 00:00:00
Moderate Photon OS Security Update - PHSA-2018-0177
2018-08-17 00:00:00
Moderate Photon OS Security Update - PHSA-2019-0020
2019-06-17 00:00:00
avleonov
avleonov
4.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
58.6%
Related for ELSA-2018-3071