obsolete

heimdal-7.7.1-1.fc36

FEDORA-2022-fbca84b938 created by abo 2 years ago for Fedora 36

This release fixes the following Security Vulnerabilities:

  • CVE-2022-42898 PAC parse integer overflows
  • CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
  • CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array
  • CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
  • CVE-2021-3671 A null pointer de-reference when handling missing sname in TGS-REQ
  • CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec

Note that CVE-2022-44640 is a severe vulnerability, possibly a 10.0 on the Common Vulnerability Scoring System (CVSS) v3.

Reboot Required
After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

This update has been submitted for testing by abo.

2 years ago

This update's test gating status has been changed to 'ignored'.

2 years ago

This update has been pushed to testing.

2 years ago

This update has been obsoleted by heimdal-7.7.1-3.fc36.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
urgent
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Thresholds
Minimum Karma
+1
Minimum Testing
7 days
Dates
submitted
2 years ago
in testing
2 years ago

Automated Test Results