Oval Definition:oval:org.opensuse.security:def:81263
Revision Date:2017-10-09Version:1
Title:Security update for krb5 (Moderate)
Description:

This update for krb5 fixes several issues.

This security issue was fixed:

- CVE-2017-11462: Prevent automatic security context deletion to prevent double-free (bsc#1056995)

These non-security issues were fixed:

- Set 'rdns' and 'dns_canonicalize_hostname' to false in krb5.conf in order to improve client security in handling service principle names. (bsc#1054028) - Prevent kadmind.service startup failure caused by absence of LDAP service. (bsc#903543) - Remove main package's dependency on systemd (bsc#1032680)
Family:unixClass:patch
Status:Reference(s):1032680
1054028
1056995
903543
CVE-2017-11462
SUSE-SU-2017:2659-1
Platform(s):SUSE Linux Enterprise Server 12 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • krb5-1.12.5-40.13.1 is installed
  • OR krb5-32bit-1.12.5-40.13.1 is installed
  • OR krb5-client-1.12.5-40.13.1 is installed
  • OR krb5-doc-1.12.5-40.13.1 is installed
  • OR krb5-plugin-kdb-ldap-1.12.5-40.13.1 is installed
  • OR krb5-plugin-preauth-otp-1.12.5-40.13.1 is installed
  • OR krb5-plugin-preauth-pkinit-1.12.5-40.13.1 is installed
  • OR krb5-server-1.12.5-40.13.1 is installed
    • BACK