Fedora 24: 2016-03-27 Moderate: krb5 NULL Dereference Issue
fedora
March 27, 2016
CVE-2016-3119, NULL dereference in LDAP module
Summary
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of sending passwords over the network in unencrypted form.
Update Information:
CVE-2016-3119, NULL dereference in LDAP module. ---- Fix an issue with return codes on `gss_inquire_attrs_for_mech`. This resolves an issue with gss-ntlmssp, and anything else that is interposing but not implementing the corresponding mechglue function.
Topics Covered
Change Log
References
[ 1 ] Bug #1317609 - krb5 1.14.1 ate my gss-ntlmssp.
https://bugzilla.redhat.com/show_bug.cgi?id=1317609
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update krb5' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: krb5
Product: Fedora 24
Version: 1.14.1
Release: 3.fc24
Summary: The Kerberos network authentication system
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!