SUSE: 2020:688-1 Moderate Security Update: Fix for krb5 ASN.1 Recursion
suse
November 23, 2020
Summary
Advisory ID: SUSE-SU-2020:3375-1 Released: Thu Nov 19 09:28:25 2020 Summary: Security update for krb5 Type: security Severity: moderate Advisory ID: SUSE-RU-2020:3381-1 Released: Thu Nov 19 10:53:38 2020 Summary: Recommended update for systemd Type: recommended Severity: moderate Advisory ID: SUSE-RU-2020:3462-1 Released: Fri Nov 20 13:14:35 2020 Summary: Recommended update for pam and sudo Type: recommended
References
References : 1174593 1177458 1177490 1177510 1177858 1178512 1178727 CVE-2020-28196
1178512,CVE-2020-28196
This update for krb5 fixes the following security issue:
- CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message (bsc#1178512).
1177458,1177490,1177510
This update for systemd fixes the following issues:
- build-sys: optionally disable support of journal over the network (bsc#1177458)
- ask-password: prevent buffer overflow when reading from keyring (bsc#1177510)
- mount: don't propagate errors from mount_setup_unit() further up
- Rely on the new build option --disable-remote for journal_remote
This allows to drop the workaround that consisted in cleaning journal-upload files and
PREVIOUS
NEXT
Container Advisory ID : SUSE-CU-2020:688-1
Container Tags : suse/sle15:15.0 , suse/sle15:15.0.4.22.302
Container Release : 4.22.302
Severity : moderate
Type : security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!