[ubuntu/focal-security] heimdal 7.7.0+dfsg-1ubuntu1.3 (Accepted)
Rodrigo Figueiredo Zaiden
rodrigo.zaiden at canonical.com
Thu Jan 12 15:13:08 UTC 2023
heimdal (7.7.0+dfsg-1ubuntu1.3) focal-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2021-44758.patch: add a call to send_reject() when
      preferred_mech_type is GSS_C_NO_OID in
      lib/gssapi/spnego/accept_sec_context.c.
    - debian/patches/CVE-2021-44758-post.patch: remove grep command in test
      file tests/gss/check-context.in to prevent FTBFS.
    - CVE-2021-44758
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2022-3437-1.patch: change calls to memcmp with
      ct_memcmp in lib/gssapi/krb5/arcfour.c.
    - debian/patches/CVE-2022-3437-2.patch: change calls to memcmp with
      ct_memcmp in lib/gssapi/krb5/unwrap.c
    - debian/patches/CVE-2022-3437-3.patch: add NULL pointer checks before
      memcpy in lib/gssapi/krb5/unwrap.c.
    - debian/patches/CVE-2022-3437-4.patch: change logic on pad buffer
      handling in _gssapi_verify_pad() in lib/gssapi/krb5/decapsulate.c.
    - debian/patches/CVE-2022-3437-5.patch: add buffer boundary checks in
      _gssapi_verify_mech_header() in lib/gssapi/krb5/decapsulate.c
    - debian/patches/CVE-2022-3437-6.patch: add buffer length checks in
      lib/gssapi/krb5/unwrap.c.
    - debian/patches/CVE-2022-3437-7.patch: add buffer length checks in
      _gsskrb5_get_mech() in lib/gssapi/krb5/decapsulate.c.
    - debian/patches/CVE-2022-3437-8.patch: change buffer length parameter
      when calling _gssapi_verify_pad() in lib/gssapi/krb5/unwrap.c.
    - CVE-2022-3437
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2022-42898-1.patch: change logic on PAC buffer
      parsing in lib/krb5/pac.c.
    - debian/patches/CVE-2022-42898-2.patch: change variable type from
      unsigned long to uint64_t in lib/krb5/store-int.c.
    - CVE-2022-42898
  * SECURITY UPDATE: invalid free
    - debian/patches/CVE-2022-44640.patch: relocates a call to fprintf and
      parameters when calling it in decode_type() in lib/asn1/gen_decode.c
      and add a call to fprintf in free_type() in lib/asn1/gen_free.c.
    - CVE-2022-44640
Date: 2023-01-12 00:03:09.034371+00:00
Changed-By: Rodrigo Figueiredo Zaiden <rodrigo.zaiden at canonical.com>
https://launchpad.net/ubuntu/+source/heimdal/7.7.0+dfsg-1ubuntu1.3