[CLSA-2024:1727287657] Fix CVE(s): CVE-2021-37370, CVE-2021-37371, CVE-2024-37370, CVE-2024-37371
Type:
security
Severity:
Critical
Release date:
2024-09-25 18:07:40 UTC
Description:
* SECURITY UPDATE: fix GSS vulnerabilities - debian/patches/CVE-2021-37370.patch: prevent modification of Extra Count field in GSS krb5 wrap CFX wrap token to avoid appearing truncated to application header - debian/patches/CVE-2021-37371.patch: fix invalid memory reads during GSS message token handling - CVE-2024-37370 - CVE-2024-37371
Updated packages:
  • krb5-admin-server_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:c6bb09b9f6d900ebc968a9d934d09f2e60401139
  • krb5-doc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_all.deb
    sha:730aac08a6c4b7fa3cc938c6fdbd88835bc0ff4a
  • krb5-gss-samples_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:fe5e24678dfb8726711af4e38af861caf3260071
  • krb5-k5tls_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:ae97f70a016992726199c11f32ad6dfcd1f03f10
  • krb5-kdc_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:7c4e28b1cc1711d5ba9ddafef43bb484fb2c9c72
  • krb5-kdc-ldap_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:b806fc97026d11cfdfd9bd0c2b9892f102f176fc
  • krb5-locales_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_all.deb
    sha:d4ed1b53f5202f83257a7bcc170d966a7f21a800
  • krb5-multidev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:ef461d7fed9dd1e68df24a2d876d54c1aeb508d3
  • krb5-otp_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:694ac415cf3ba43588867167ad250422a33f41e2
  • krb5-pkinit_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:0359df2832265935fc251c106343ebf26f0559f3
  • krb5-user_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:fec3cdfe98f392fae9ad9fac1c9c4abe006fffd6
  • libgssapi-krb5-2_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:a0e6c65b33d4d07e1202af9ec95a5ee8758df176
  • libgssrpc4_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:34ba60af71ed74df2efa2117f0f8e5f35d00a9c0
  • libk5crypto3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:29ed337be45ffd21946d535ea35bc48f49ceb51d
  • libkadm5clnt-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:b77c2bb2344f3a25e4e5dcf555820d5067e0c307
  • libkadm5srv-mit9_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:688618d6e84eb785dcf3389844eb07fb4b5c5d73
  • libkdb5-8_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:c6b3358999d00457612eee2fe08f5c29ac2d3f09
  • libkrad-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:95d64bd9b064d1bdde006758741aab35c5719f96
  • libkrad0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:e84163aebfa9a0f7c0296f807a92c18c504890f0
  • libkrb5-3_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:fcea039c9abdf72a14be3fda70ae7ece1b931a4e
  • libkrb5-dev_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:cd6ea1664d5e0299891ea32011751211d19f109d
  • libkrb5support0_1.13.2+dfsg-5ubuntu2.2+tuxcare.els4_amd64.deb
    sha:36495e073337c263b0f46e159a3b6960d843edfa
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.