You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa krb5

Sigurnosni nedostaci programskog paketa krb5

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2018-02-20 17:10:59.956939

Name : krb5
Product : Fedora 27
Version : 1.15.2
Release : 7.fc27
Summary : The Kerberos network authentication system
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network’s security by eliminating the insecure
practice of sending passwords over the network in unencrypted form.

Update Information:

Fix CVE-2018-5729, CVE-2018-5730. These are low-impact, requiring
administrator access to exploit. —- Fix leak in previous version. —-
Always read config snippets in alphabetical order per-directory.

[ 1 ] Bug #1535576 – CVE-2018-5729, CVE-2018-5730 krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c [fedora-all]
[ 2 ] Bug #1540939 – krb5-libs are leaking memory when parsing krb5 configuration

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade krb5’ at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to

AutorDanijel Kozinovic
Cert idNCERT-REF-2018-02-0156-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa golang

Otkriven je sigurnosni nedostatak u programskom paketu golang za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izvršavanje proizvoljnog programskog...