NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7893c19991
kumquat-buildroot/package/libkrb5/libkrb5.hash
André Zwing fb1b33c040 package/libkrb5: security bump to 1.21.2 
Fixes the following security issues:

- CVE-2023-36054: lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5)
  before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer

- CVE-2023-39975: kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before
  1.21.2 has a double free that is reachable if an authenticated user can
  trigger an authorization-data handling failure

Signed-off-by: André Zwing <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit dd1ea28b07)
[Peter: mark as security bump, add CVE details]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-06-08 09:18:39 +02:00

6 lines
250 B
Plaintext
Raw Blame History

# Locally calculated after checking pgp signature
sha256 9560941a9d843c0243a71b17a7ac6fe31c7cebb5bce3983db79e52ae7e850491 krb5-1.21.2.tar.gz
# Hash for license file:
sha256 0d5373486138cb176c063db98274b4c4ab6ef3518c4191360736384b780306c2 NOTICE
Reference in New Issue View Git Blame Copy Permalink