KRB5/didiwiki Updates for Debian

Debian 9903 Published by

The following two updates has been released for Debian:

[DLA 423-1] krb5 security update
[DLA 424-1] didiwiki security update



[DLA 423-1] krb5 security update

Package : krb5
Version : 1.8.3+dfsg-4squeeze11
CVE ID : CVE-2015-8629 CVE-2015-8631
Debian Bug : 813126 813296

CVE-2015-8629

It was discovered that an authenticated attacker can cause kadmind
to read beyond the end of allocated memory by sending a string
without a terminating zero byte. Information leakage may be possible
for an attacker with permission to modify the database.

CVE-2015-8631

It was discovered that an authenticated attacker can cause kadmind
to leak memory by supplying a null principal name in a request which
uses one. Repeating these requests will eventually cause kadmind to
exhaust all available memory.

[DLA 424-1] didiwiki security update

Package : didiwiki
Version : 0.5-9+deb6u1
CVE ID : CVE-2013-7448
Debian Bug : 815111

Alexander Izmailov discovered that didiwiki, a wiki implementation,
failed to correctly validate user-supplied input, thus allowing a
malicious user to access any part of the filesystem.

HP Elite X3 5.96-inch enterprise superphone leaked and more

New Apple Betas

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...