Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:Update
patchinfo.4894
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.4894
<patchinfo incident="4894"> <issue id="1054028" tracker="bnc">AUDIT-0: krb5: Insecure DNS dependency in many Kerberos deployments</issue> <issue id="1032680" tracker="bnc">krb5 requires systemd, but does not need this</issue> <issue id="903543" tracker="bnc">systemd kadmind.service missing openldap dependency</issue> <issue id="1056995" tracker="bnc">VUL-0: CVE-2017-11462: krb5: automatic sec context deletion could lead to double-free</issue> <issue id="2017-11462" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>guohouzuo</packager> <description>This update for krb5 fixes several issues. This security issue was fixed: - CVE-2017-11462: Prevent automatic security context deletion to prevent double-free (bsc#1056995) These non-security issues were fixed: - Set "rdns" and "dns_canonicalize_hostname" to false in krb5.conf in order to improve client security in handling service principle names. (bsc#1054028) - Prevent kadmind.service startup failure caused by absence of LDAP service. (bsc#903543) - Remove main package's dependency on systemd (bsc#1032680) </description> <summary>Security update for krb5</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor