[ubuntu/bionic-security] heimdal 7.5.0+dfsg-1ubuntu0.3 (Accepted)

Rodrigo Figueiredo Zaiden rodrigo.zaiden at canonical.com
Thu Jan 12 15:13:09 UTC 2023 

heimdal (7.5.0+dfsg-1ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2021-44758.patch: add a call to send_reject() when
      preferred_mech_type is GSS_C_NO_OID in
      lib/gssapi/spnego/accept_sec_context.c.
    - debian/patches/CVE-2021-44758-post.patch: remove grep command in test
      file tests/gss/check-context.in to prevent FTBFS.
    - CVE-2021-44758
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2022-3437-1.patch: change calls to memcmp with
      ct_memcmp in lib/gssapi/krb5/arcfour.c.
    - debian/patches/CVE-2022-3437-2.patch: change calls to memcmp with
      ct_memcmp in lib/gssapi/krb5/unwrap.c
    - debian/patches/CVE-2022-3437-3.patch: add NULL pointer checks before
      memcpy in lib/gssapi/krb5/unwrap.c.
    - debian/patches/CVE-2022-3437-4.patch: change logic on pad buffer
      hanlding in _gssapi_verify_pad() in lib/gssapi/krb5/decapsulate.c.
    - debian/patches/CVE-2022-3437-5.patch: add buffer boundary checks in
      _gssapi_verify_mech_header() in lib/gssapi/krb5/decapsulate.c
    - debian/patches/CVE-2022-3437-6.patch: add buffer length checks in
      lib/gssapi/krb5/unwrap.c.
    - debian/patches/CVE-2022-3437-7.patch: add buffer length checks in
      _gsskrb5_get_mech() in lib/gssapi/krb5/decapsulate.c.
    - debian/patches/CVE-2022-3437-8.patch: change buffer length parameter
      when calling _gssapi_verify_pad() in lib/gssapi/krb5/unwrap.c.
    - CVE-2022-3437
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2022-42898-1.patch: change logic on PAC buffer
      parsing in lib/krb5/pac.c.
    - debian/patches/CVE-2022-42898-2.patch: change variable type from
      unsigned long to uint64_t in lib/krb5/store-int.c.
    - CVE-2022-42898
  * SECURITY UPDATE: invalid free
    - debian/patches/CVE-2022-44640.patch: relocates a call to fprintf and
      parameters when calling it in decode_type() in lib/asn1/gen_decode.c
      and add a call to fprintf in free_type() in lib/asn1/gen_free.c.
    - CVE-2022-44640

Date: 2023-01-12 00:00:17.780839+00:00
Changed-By: Rodrigo Figueiredo Zaiden <rodrigo.zaiden at canonical.com>
https://launchpad.net/ubuntu/+source/heimdal/7.5.0+dfsg-1ubuntu0.3
-------------- next part --------------
Sorry, changesfile not available.

More information about the Bionic-changes mailing list