KRB5 security update for Debian ELTS

Debian 10225 Published 2024-07-30 07:37 by Philipp Esselbach

News

The following update has been released for Debian GNU/Linux 8 (Jessie), 9 (Stretch), and 10 (Buster) Extended LTS:

ELA-1141-1 krb5 security update

ELA-1141-1 krb5 security update

Package : krb5
Version : 1.12.1+dfsg-19+deb8u9 (jessie), 1.15-1+deb9u6 (stretch), 1.17-3+deb10u7 (buster)

Related CVEs :
CVE-2024-26458
CVE-2024-26461
CVE-2024-37370
CVE-2024-37371

Multiple vulnerabilities have been fixed in krb5, the MIT implementation of the Kerberos network authentication protocol.

CVE-2024-26458
Memory leak in xmt_rmtcallres()

CVE-2024-26461
Memory leak in gss_krb5int_make_seal_token_v3()

CVE-2024-37370
GSS wrap token Extra Count field manipulation

CVE-2024-37371
Invalid GSS memory reads with manipulated tokens

ELA-1141-1 krb5 security update

Linux Kernel updates for Ubuntu

watchOS 10.6 released

Community

dhamu
Hello Phil, I have a Linux Tutorial website that curre ...
StephanX
Hi friends, i am new in the Linux universe but i try to ...
Philipp
I would try the XanMod kernel: https://xanmod.org I ...

ELA-1141-1 krb5 security update

Windows

Linux

macOS

Community