Oval Definition:	oval:com.redhat.rhsa:def:20211593
Revision Date: 2021-05-18 Version: 637 Title: RHSA-2021:1593: krb5 security update (Moderate) Description: Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). Security Fix(es): krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS (CVE-2020-28196) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section. Family: unix Class: patch Status: Reference(s): CVE-2020-28196 RHSA-2021:1593 Platform(s): Red Hat Enterprise Linux 8 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 8 is installed OR Red Hat CoreOS 4 is installed AND krb5-devel is earlier than 0:1.18.2-8.el8 AND krb5-devel is signed with Red Hat redhatrelease2 key krb5-libs is earlier than 0:1.18.2-8.el8 AND krb5-libs is signed with Red Hat redhatrelease2 key krb5-pkinit is earlier than 0:1.18.2-8.el8 AND krb5-pkinit is signed with Red Hat redhatrelease2 key krb5-server is earlier than 0:1.18.2-8.el8 AND krb5-server is signed with Red Hat redhatrelease2 key krb5-server-ldap is earlier than 0:1.18.2-8.el8 AND krb5-server-ldap is signed with Red Hat redhatrelease2 key krb5-workstation is earlier than 0:1.18.2-8.el8 AND krb5-workstation is signed with Red Hat redhatrelease2 key libkadm5 is earlier than 0:1.18.2-8.el8 AND libkadm5 is signed with Red Hat redhatrelease2 key
BACK