Launchpad has imported 8 comments from the remote bug at https://bugzilla.redhat.com/show_bug.cgi?id=827517.
If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. ------------------------------------------------------------------------ On 2012-06-01T16:42:30+00:00 Vincent wrote: MIT Kerberos 5 version 1.10.2 was released [1] and noted as fixing: * Fix a kadmind denial of service issue (null pointer dereference), which could only be triggered by an administrator with the "create" privilege. [CVE-2012-1013] No information is currently available on which versions are affected by this flaw. [1] http://mailman.mit.edu/pipermail/kerberos- announce/2012q2/000136.html Reply at: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1009422/comments/0 ------------------------------------------------------------------------ On 2012-06-01T20:17:27+00:00 Vincent wrote: Upstream bug report: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7152 And the upstream fix: https://github.com/krb5/krb5/commit/c5be6209311d4a8f10fda37d0d3f876c1b33b77b This only affects krb5 1.8 and higher, and only clients authorized to create principals can trigger the bug (so requires administrative privileges). Reply at: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1009422/comments/1 ------------------------------------------------------------------------ On 2012-06-01T20:18:28+00:00 Vincent wrote: Created krb5 tracking bugs for this issue Affects: fedora-all [bug 827598] Reply at: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1009422/comments/2 ------------------------------------------------------------------------ On 2012-06-13T21:34:03+00:00 Fedora wrote: krb5-1.10-7.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report. Reply at: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1009422/comments/4 ------------------------------------------------------------------------ On 2012-06-13T21:35:17+00:00 Fedora wrote: krb5-1.9.3-2.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report. Reply at: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1009422/comments/5 ------------------------------------------------------------------------ On 2012-06-13T21:36:27+00:00 Fedora wrote: krb5-1.9.3-2.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report. Reply at: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1009422/comments/6 ------------------------------------------------------------------------ On 2012-07-31T18:56:57+00:00 errata-xmlrpc wrote: This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:1131 https://rhn.redhat.com/errata/RHSA-2012-1131.html Reply at: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1009422/comments/10 ------------------------------------------------------------------------ On 2012-07-31T21:43:19+00:00 Vincent wrote: Statement: Not vulnerable. This issue did not affect the versions of krb5 as shipped with Red Hat Enterprise Linux 4 and 5. Reply at: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1009422/comments/11 ** Changed in: krb5 (Fedora) Status: Unknown => Fix Released ** Changed in: krb5 (Fedora) Importance: Unknown => Low ** Bug watch added: krbdev.mit.edu/rt/ #7152 http://krbdev.mit.edu/rt/Ticket/Display.html?id=7152 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1009422 Title: (CVE-2012-1013) krb5 : kadmind denial of service To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1009422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
