[Secure-testing-commits] r57103 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Oct 29 12:39:04 UTC 2017
Author: carnil
Date: 2017-10-29 12:39:04 +0000 (Sun, 29 Oct 2017)
New Revision: 57103
Modified:
data/CVE/list
Log:
Add note for krb5 issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-29 11:54:34 UTC (rev 57102)
+++ data/CVE/list 2017-10-29 12:39:04 UTC (rev 57103)
@@ -2144,6 +2144,11 @@
[jessie] - krb5 <no-dsa> (Minor issue)
NOTE: https://github.com/krb5/krb5/pull/707
NOTE: Fixed by: https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4
+ NOTE: Red Hat eanbled the code in question in the KDC and thus having it
+ NOTE: exposed as network-facing issue. For Debian and upstream the code only
+ NOTE: runs on client systems, and only with a certificate that is explicitly
+ NOTE: configured locally, leading to a local kinit crash if passed a crafted
+ NOTE: local certificate. This is hardly has any harmful security implication.
CVE-2017-15087
RESERVED
- samba <not-affected> (Incomplete Red Hat backport for CVE-2017-12163)
More information about the Secure-testing-commits
mailing list