Уведомление безопасности usn-2810-1

Критичная (8.5)

(AV:N/AC:M/Au:S/C:C/I:C/A:C)

Canonical Ubuntu

krb5-admin-server (any) krb5-k5tls (any) krb5-kdc (any) krb5-kdc-ldap (any) krb5-otp (any) krb5-pkinit (any) krb5-user (any) libgssapi-krb5-2 (any) libgssrpc4 (any) libk5crypto3 (any) libkadm5clnt-mit8 (any) libkadm5clnt-mit9 (any) libkdb5-6 (any) libkdb5-7 (any) libkdb5-8 (any) libkrad0 (any) libkrb53 (any) libkrb5-3 (any) libkrb5support0 (any)

Уведомление безопасности об уязвимостях krb5

Проблема может быть решена обновлением операционной системы до следующих версий пакетов:
Ubuntu 15.04
krb5-admin-server - 1.12.1+dfsg-18ubuntu0.1
krb5-kdc - 1.12.1+dfsg-18ubuntu0.1
krb5-kdc-ldap - 1.12.1+dfsg-18ubuntu0.1
krb5-otp - 1.12.1+dfsg-18ubuntu0.1
krb5-pkinit - 1.12.1+dfsg-18ubuntu0.1
krb5-user - 1.12.1+dfsg-18ubuntu0.1
libgssapi-krb5-2 - 1.12.1+dfsg-18ubuntu0.1
libgssrpc4 - 1.12.1+dfsg-18ubuntu0.1
libk5crypto3 - 1.12.1+dfsg-18ubuntu0.1
libkadm5clnt-mit9 - 1.12.1+dfsg-18ubuntu0.1
libkdb5-7 - 1.12.1+dfsg-18ubuntu0.1
libkrad0 - 1.12.1+dfsg-18ubuntu0.1
libkrb5-3 - 1.12.1+dfsg-18ubuntu0.1
libkrb5support0 - 1.12.1+dfsg-18ubuntu0.1
Ubuntu 15.10
krb5-admin-server - 1.13.2+dfsg-2ubuntu0.1
krb5-k5tls - 1.13.2+dfsg-2ubuntu0.1
krb5-kdc - 1.13.2+dfsg-2ubuntu0.1
krb5-kdc-ldap - 1.13.2+dfsg-2ubuntu0.1
krb5-otp - 1.13.2+dfsg-2ubuntu0.1
krb5-pkinit - 1.13.2+dfsg-2ubuntu0.1
krb5-user - 1.13.2+dfsg-2ubuntu0.1
libgssapi-krb5-2 - 1.13.2+dfsg-2ubuntu0.1
libgssrpc4 - 1.13.2+dfsg-2ubuntu0.1
libk5crypto3 - 1.13.2+dfsg-2ubuntu0.1
libkadm5clnt-mit9 - 1.13.2+dfsg-2ubuntu0.1
libkdb5-8 - 1.13.2+dfsg-2ubuntu0.1
libkrad0 - 1.13.2+dfsg-2ubuntu0.1
libkrb5-3 - 1.13.2+dfsg-2ubuntu0.1
libkrb5support0 - 1.13.2+dfsg-2ubuntu0.1
Ubuntu 14.04 LTS
krb5-admin-server - 1.12+dfsg-2ubuntu5.2
krb5-kdc - 1.12+dfsg-2ubuntu5.2
krb5-kdc-ldap - 1.12+dfsg-2ubuntu5.2
krb5-otp - 1.12+dfsg-2ubuntu5.2
krb5-pkinit - 1.12+dfsg-2ubuntu5.2
krb5-user - 1.12+dfsg-2ubuntu5.2
libgssapi-krb5-2 - 1.12+dfsg-2ubuntu5.2
libgssrpc4 - 1.12+dfsg-2ubuntu5.2
libk5crypto3 - 1.12+dfsg-2ubuntu5.2
libkadm5clnt-mit9 - 1.12+dfsg-2ubuntu5.2
libkdb5-7 - 1.12+dfsg-2ubuntu5.2
libkrad0 - 1.12+dfsg-2ubuntu5.2
libkrb5-3 - 1.12+dfsg-2ubuntu5.2
libkrb5support0 - 1.12+dfsg-2ubuntu5.2
Ubuntu 12.04 LTS
krb5-admin-server - 1.10+dfsg~beta1-2ubuntu0.7
krb5-kdc - 1.10+dfsg~beta1-2ubuntu0.7
krb5-kdc-ldap - 1.10+dfsg~beta1-2ubuntu0.7
krb5-pkinit - 1.10+dfsg~beta1-2ubuntu0.7
krb5-user - 1.10+dfsg~beta1-2ubuntu0.7
libgssapi-krb5-2 - 1.10+dfsg~beta1-2ubuntu0.7
libgssrpc4 - 1.10+dfsg~beta1-2ubuntu0.7
libk5crypto3 - 1.10+dfsg~beta1-2ubuntu0.7
libkadm5clnt-mit8 - 1.10+dfsg~beta1-2ubuntu0.7
libkdb5-6 - 1.10+dfsg~beta1-2ubuntu0.7
libkrb5-3 - 1.10+dfsg~beta1-2ubuntu0.7
libkrb53 - 1.10+dfsg~beta1-2ubuntu0.7
libkrb5support0 - 1.10+dfsg~beta1-2ubuntu0.7

https://usn.ubuntu.com/usn-2810-1/

Источник: CVE
Наименование: CVE-2002-2443
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443

Источник: CVE
Наименование: CVE-2015-2698
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2698

Источник: CVE
Наименование: CVE-2015-2694
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2694

Источник: CVE
Наименование: CVE-2015-2695
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695

Источник: CVE
Наименование: CVE-2015-2696
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696

Источник: CVE
Наименование: CVE-2015-2697
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697

Источник: CVE
Наименование: CVE-2014-5355
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5355