Stay Secure with the Latest Linux Advisories

security advisorycriticalkrb5

Fedora 34: FEDORA-2021-f3d8515f03 Urgent: libcurl Memory Leak Issue

- CVE-2021-37750 (explicit NULL deref on KDC). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-f2c8514f02 2021-08-27 18:55:25.463086 --------------------------------------------------------------------------------Name : krb5 Product : Fedora 33 Version : 1.18.2 Release : 31.fc33 URL : https://web.mit.edu/kerberos/www/ Summary : The Kerberos network authentication system Description : Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending passwords over the network in unencrypted form. --------------------------------------------------------------------------------Update Information: - CVE-2021-37750 (explicit NULL deref on KDC) --------------------------------------------------------------------------------ChangeLog: * Thu Aug 19 2021 Robbie Harwood - 1.18.2-31 - Fix KDC null deref on TGS inner body null server (CVE-2021-37750) --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-f2c8514f02' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Important notice regarding Fedora 33 concerning CVE-2021-37751 which pertains to a null pointer dereference vulnerability in krb5.. Fedora Security Update, Kerberos Authentication, KDC Vulnerability Patch. . Severity: Critical. LinuxSecurity.com Team

Aug 27, 2021 •Critical Fedora