Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 414
Alerts This Week
Warning Icon 1 414

Oracle Linux 7 ELSA-2022-8640 Critical: Krb5 Integer Overflow Fix

oracle
Calendar Grey November 29, 2022
Oracle Linux Logo Esm H88
Oracle Linux Security Notice ELSA-2023-1234 reports an urgent openSSL vulnerability that remedies potential buffer overflow defects.
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Summary

[1.15.1-55.0.1] - Add recursion limit for ASN.1 indefinite lengths [Orabug: 32582360] [1.15.1-55] - Fix integer overflows in PAC parsing (CVE-2022-42898) - Resolves: rhbz#2140961

SRPMs

https://oss.oracle.com:443/ol7/SRPMS-updates/krb5-1.15.1-55.0.1.el7_9.src.rpm

x86_64

krb5-devel-1.15.1-55.0.1.el7_9.i686.rpm krb5-devel-1.15.1-55.0.1.el7_9.x86_64.rpm krb5-libs-1.15.1-55.0.1.el7_9.i686.rpm krb5-libs-1.15.1-55.0.1.el7_9.x86_64.rpm krb5-pkinit-1.15.1-55.0.1.el7_9.x86_64.rpm krb5-server-1.15.1-55.0.1.el7_9.x86_64.rpm krb5-server-ldap-1.15.1-55.0.1.el7_9.x86_64.rpm krb5-workstation-1.15.1-55.0.1.el7_9.x86_64.rpm libkadm5-1.15.1-55.0.1.el7_9.i686.rpm libkadm5-1.15.1-55.0.1.el7_9.x86_64.rpm

aarch64

Severity
critical
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2022-42898

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.