[Midnightbsd-cvs] [MidnightBSD/src] 1c3006: Multiple security vulnerabilities have been discov...
Lucas Holt
noreply at github.com
Sun Nov 20 15:23:49 EST 2022
Branch: refs/heads/master
Home: https://github.com/MidnightBSD/src
Commit: 1c3006357650b6281aa95042dda7161a865ac4fc
https://github.com/MidnightBSD/src/commit/1c3006357650b6281aa95042dda7161a865ac4fc
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-11-20 (Sun, 20 Nov 2022)
Changed paths:
M crypto/heimdal/admin/change.c
M crypto/heimdal/appl/gssmask/gssmask.c
M crypto/heimdal/kadmin/kadmind.c
M crypto/heimdal/kadmin/mod.c
M crypto/heimdal/kadmin/stash.c
M crypto/heimdal/kcm/protocol.c
M crypto/heimdal/kdc/digest.c
M crypto/heimdal/kdc/hpropd.c
M crypto/heimdal/kdc/kdc-replay.c
M crypto/heimdal/kdc/krb5tgs.c
M crypto/heimdal/kdc/kstash.c
M crypto/heimdal/kdc/pkinit.c
M crypto/heimdal/kuser/kdestroy.c
M crypto/heimdal/kuser/kswitch.c
M crypto/heimdal/lib/asn1/der_copy.c
M crypto/heimdal/lib/asn1/gen_decode.c
M crypto/heimdal/lib/asn1/gen_free.c
M crypto/heimdal/lib/gssapi/krb5/accept_sec_context.c
M crypto/heimdal/lib/gssapi/krb5/arcfour.c
M crypto/heimdal/lib/gssapi/krb5/decapsulate.c
M crypto/heimdal/lib/gssapi/krb5/unwrap.c
M crypto/heimdal/lib/gssapi/mech/gss_display_status.c
M crypto/heimdal/lib/gssapi/mech/gss_import_name.c
M crypto/heimdal/lib/gssapi/mech/gss_mech_switch.c
M crypto/heimdal/lib/gssapi/mech/mech_locl.h
M crypto/heimdal/lib/gssapi/ntlm/init_sec_context.c
M crypto/heimdal/lib/gssapi/spnego/accept_sec_context.c
M crypto/heimdal/lib/hdb/hdb-mitdb.c
M crypto/heimdal/lib/hx509/hxtool.c
M crypto/heimdal/lib/hx509/ks_file.c
M crypto/heimdal/lib/hx509/name.c
M crypto/heimdal/lib/hx509/softp11.c
M crypto/heimdal/lib/ipc/client.c
M crypto/heimdal/lib/kadm5/get_s.c
M crypto/heimdal/lib/kadm5/init_c.c
M crypto/heimdal/lib/kadm5/ipropd_master.c
M crypto/heimdal/lib/kafs/afskrb5.c
M crypto/heimdal/lib/krb5/acl.c
M crypto/heimdal/lib/krb5/addr_families.c
M crypto/heimdal/lib/krb5/context.c
M crypto/heimdal/lib/krb5/deprecated.c
M crypto/heimdal/lib/krb5/init_creds_pw.c
M crypto/heimdal/lib/krb5/keytab.c
M crypto/heimdal/lib/krb5/krb5.h
M crypto/heimdal/lib/krb5/krb5_ccapi.h
M crypto/heimdal/lib/krb5/krbhst.c
M crypto/heimdal/lib/krb5/pac.c
M crypto/heimdal/lib/krb5/rd_req.c
M crypto/heimdal/lib/krb5/test_store.c
M crypto/heimdal/lib/krb5/transited.c
M crypto/heimdal/lib/roken/getaddrinfo.c
M crypto/heimdal/lib/wind/idn-lookup.c
M crypto/heimdal/lib/wind/normalize.c
Log Message:
-----------
Multiple security vulnerabilities have been discovered in the Heimdal
implementation of the Kerberos 5 network authentication protocols and KDC.
- CVE-2022-42898 PAC parse integer overflows
- CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
- CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
- CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec
- CVE-2019-14870 Validate client attributes in protocol-transition
- CVE-2019-14870 Apply forwardable policy in protocol-transition
- CVE-2019-14870 Always lookup impersonate client in DB
Obtained from: FreeBSD