RHSA-2009:0408High
Red Hat Security Advisory: krb5 security update
🔗 CVE IDs covered (3)
📋 Description
CVE-2009-0844 — krb5: buffer over-read in SPNEGO GSS-API mechanism (MITKRB5-SA-2009-001) CVE-2009-0845 — krb5: NULL pointer dereference in GSSAPI SPNEGO (MITKRB5-SA-2009-001) CVE-2009-0846 — krb5: ASN.1 decoder can free uninitialized pointer when decoding an invalid encoding (MITKRB5-SA-2009-002)
🔗 References (8)
- selfhttps://access.redhat.com/errata/RHSA-2009:0408
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=490634
- externalhttp://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-001.txt
- externalhttp://web.mit.edu/kerberos/advisories/MITKRB5-SA-2009-002.txt
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=491033
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=491036
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_0408.json