[CLSA-2024:1727288271] Fix CVE(s): CVE-2021-37370, CVE-2021-37371, CVE-2024-37370, CVE-2024-37371
Type:
security
Severity:
Critical
Release date:
2024-09-25 18:17:56 UTC
Description:
* SECURITY UPDATE: fix GSS vulnerabilities - debian/patches/CVE-2021-37370.patch: prevent modification of Extra Count field in GSS krb5 wrap CFX wrap token to avoid appearing truncated to application header - debian/patches/CVE-2021-37371.patch: fix invalid memory reads during GSS message token handling - CVE-2024-37370 - CVE-2024-37371
Updated packages:
  • krb5-admin-server_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:024b75c7f0ffc3f689a19b21e190c2ca5cd9a997
  • krb5-doc_1.16-2ubuntu0.4+tuxcare.els2_all.deb
    sha:7bc9dba14814cafda8f9263363f2430ad5e934c8
  • krb5-gss-samples_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:36421c2161f08ef13ffb41b02997fb192406f2d9
  • krb5-k5tls_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:977192fa08d276a70d5a0e1707bacaa591a2aea3
  • krb5-kdc_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:29c11c9ed13087c57c6bbdd4c5dbb58514838242
  • krb5-kdc-ldap_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:6b29e749ca8039e8d705bfb2b5a70a735848da1b
  • krb5-kpropd_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:a214682c813e79a09c6bc55f19344a30e92b52c4
  • krb5-locales_1.16-2ubuntu0.4+tuxcare.els2_all.deb
    sha:c3b7024fcd2160e973f2c3c161c78f32f7a118da
  • krb5-multidev_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:c89c6a7b684641df00e8309e183fb1f30264e6fc
  • krb5-otp_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:045235d840431b9c13ab187bce7578661724060c
  • krb5-pkinit_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:80367d52d1cb69742dc0029e2688d600d4d82990
  • krb5-user_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:db4b852dd03101a4cad5ef638bc98fd47d0b17e8
  • libgssapi-krb5-2_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:903ee29bf79ba15a4507586e4766bac7a7174ba6
  • libgssrpc4_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:7887d48a98a82099fee01dbcd43eaba888c27e96
  • libk5crypto3_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:8fb17f780c3109fdf66cece613f2bc5d77f901df
  • libkadm5clnt-mit11_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:cb3e28665e2b0fbf7e45d8ee85b6335927e2411e
  • libkadm5srv-mit11_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:5c890c8a5693b2ba6e2e91e1a85019122353ee59
  • libkdb5-9_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:70f11d205db1b09adcfa4518210a79381eb7dc27
  • libkrad-dev_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:244cd6d7b1656dc93d25e2387ffbd3d24572b2d8
  • libkrad0_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:d1c7089ca15ed1b6f68307f18bf213a9a1ca42ef
  • libkrb5-3_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:0e96d2d49992be23753fc9fec189247244c7e576
  • libkrb5-dev_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:a9b89d4cda19f6abf17da4c082ba8d0196dfd349
  • libkrb5support0_1.16-2ubuntu0.4+tuxcare.els2_amd64.deb
    sha:7602b5d4c96ba54fa0d2b513505ed478fbabdbdb
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.