Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for krb5

This update for krb5 provides the following fixes:

Security issues fixed:

- CVE-2018-5730: DN container check bypass by supplying special crafted data (bsc#1083927).
- CVE-2018-5729: Null pointer dereference in kadmind or DN container check bypass by supplying special crafted data (bsc#1083926).

Non-security issues fixed:

- Make it possible for legacy applications (e.g. SAP Netweaver) to remain compatible with
newer Kerberos. System administrators who are experiencing this kind of compatibility
issues may set the environment variable GSSAPI_ASSUME_MECH_MATCH to a non-empty value,
and make sure the environment variable is visible and effective to the application
startup script. (bsc#1057662)
- Fix a GSS failure in legacy applications by not indicating deprecated GSS mechanisms in
gss_indicate_mech() list. (bsc#1081725)

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Fixed bugs
bnc#1057662
L3: kerberos authentication error after upgrading to SLES12sp2 from SAP application
bnc#1081725
Kerberos SNCERR_GSSAPI breaks Single Sign On SAP
bnc#1083926
VUL-0: CVE-2018-5729: krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data
bnc#1083927
VUL-0: CVE-2018-5730: krb5: DN container check bypass by supplying special crafted data
CVE-2018-5729
CVE-2018-5730
Selected Binaries
openSUSE Build Service is sponsored by
Places