OPENSUSE-SU-2020:2062-1 Security update for krb5

This update for krb5 fixes the following security issue: - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512. This update was imported from the SUSE:SLE-15-SP1:Update update project...

Security update for krb5 (moderate)

openSUSE Security Update: Security update for krb5 Announcement ID: openSUSE-SU-2020:2062-1 Rating: moderate References: 1178512 Cross-References: CVE-2020-28196 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for krb5 fixes...

OPENSUSE-SU-2020:2037-1 Security update for krb5

This update for krb5 fixes the following security issue: - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512. This update was imported from the SUSE:SLE-15-SP1:Update update project...

Security update for krb5 (moderate)

openSUSE Security Update: Security update for krb5 Announcement ID: openSUSE-SU-2020:2037-1 Rating: moderate References: 1178512 Cross-References: CVE-2020-28196 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for krb5 fixes...

CVE-2020-28196

A flaw was found in krb5. MIT Kerberos 5 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...

Debian DSA-4795-1 : krb5 - security update

Demi Obeneour discovered that unbounded recursion in the ASN1 parser of libkrb5 could result in denial of service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4795. The text itself is copyright C Software...

Debian: Security Advisory (DSA-4795-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 4795-1] krb5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4795-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 21, 2020 https://www.debian.org/security/faq -...

SUSE-SU-2020:3379-1 Security update for krb5

This update for krb5 fixes the following security issue: - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512...

SUSE-SU-2020:3375-1 Security update for krb5

This update for krb5 fixes the following security issue: - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512...

CVE-2020-26883

In Play Framework 2.6.0 through 2.8.2, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents...

CVE-2020-26883

In Play Framework 2.6.0 through 2.8.2, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents...

DEBIAN-CVE-2020-28196

MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...

ALPINE-CVE-2020-28196

MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...

CVE-2020-28196

MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...

CVE-2020-28196

MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...

CVE-2020-28196

MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...

CVE-2020-28196

MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...

Stack Overflow in Apache Mesos

When parsing a JSON payload with deeply nested JSON structures, the parser in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.1, 1.6.0 to 1.6.1, and 1.7.0 might overflow the stack due to unbounded recursion. A malicious actor can therefore cause a denial of service of Mesos masters...

UBUNTU-CVE-2019-6245

An issue was discovered in Anti-Grain Geometry AGG 2.4 as used in SVG++ aka svgpp 1.2.3. In the function agg::cellaa::notequal, dx is assigned to x2 - x1. If dx = dxlimit, which is 16384 polysubpixelshift, this function will call itself recursively. There can be a situation where x2 - x1 is alway...