SUSE: 2015:1897-1 Important: krb5 Update Critical DoS Fix

suse

November 4, 2015

An update that solves three vulnerabilities and has one An update that solves three vulnerabilities and has one An update that solves three vulnerabilities and has one errata is no...

Summary

krb5 was updated to fix three security issues. These security issues were fixed: - CVE-2015-2695: Applications which call gss_inquire_context() on a partially-established SPNEGO context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process crash. (bsc#952188). - CVE-2015-2696: Applications which call gss_inquire_context() on a partially-established IAKERB context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process crash. (bsc#952189). - CVE-2015-2697: Incorrect string handling in build_principal_va can lead to DOS (bsc#952190). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

Topics Covered

security advisory software patch DoS krb5 update SUSE Linux

References

#948011 #952188 #952189 #952190

Cross- CVE-2015-2695 CVE-2015-2696 CVE-2015-2697

Affected Products:

SUSE Linux Enterprise Software Development Kit 12

SUSE Linux Enterprise Server 12

SUSE Linux Enterprise Desktop 12

https://www.suse.com/security/cve/CVE-2015-2695.html

https://www.suse.com/security/cve/CVE-2015-2696.html

https://www.suse.com/security/cve/CVE-2015-2697.html

https://bugzilla.suse.com/show_bug.cgi?id=948011

https://bugzilla.suse.com/show_bug.cgi?id=952188

https://bugzilla.suse.com/show_bug.cgi?id=952189

https://bugzilla.suse.com/show_bug.cgi?id=952190

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2015:1897-1

Rating: important

Topics Covered

security advisory software patch DoS krb5 update SUSE Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2015:1897-1 Important: krb5 Update Critical DoS Fix

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2015:1897-1 Important: krb5 Update Critical DoS Fix

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!