Fedora 41 : krb5 (2025-42a13f896e)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-42a13f896e advisory. Disallowing use of the arcfour-hmac-md5 encryption type for session keys Add support for the PKINIT paChecksum2 sequence, required for Active Directory...

Fedora 40 : krb5 (2025-61b9344baf)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-61b9344baf advisory. - Prevent overflow when calculating ulog block size CVE-2025-24528 - Support PKCS11 EC client certs in PKINIT - kdb5util: fix DB entry flags on modification ...

lib32-krb5: multiple issues

CVE-2014-5355 denial of service When a server process uses the krb5recvauth function, an unauthenticated remote attacker can cause a NULL dereference by sending a zero-byte version string, or a read beyond the end of allocated storage by sending a non-null-terminated version string. The example...

krb5: multiple issues

CVE-2014-5355 denial of service When a server process uses the krb5recvauth function, an unauthenticated remote attacker can cause a NULL dereference by sending a zero-byte version string, or a read beyond the end of allocated storage by sending a non-null-terminated version string. The example...