Debian 10262 Published by

A krb5 security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address a potential Denial of Service (DoS) attack issue.



ELA-753-1 krb5 security update

Package : krb5
Version : 1.12.1+dfsg-19+deb8u7 (jessie), 1.15-1+deb9u4 (stretch)

Related CVEs :
CVE-2022-42898

It was discovered that there was a potential Denial of Service (DoS) attack against krb5, a suite of tools implementing the Kerberos authentication system. An integer overflow in PAC parsing could have been exploited if a cross-realm entity acted maliciously.

  ELA-753-1 krb5 security update