Red Hat Product Errata RHSA-2022:8641 - Security Advisory
Issued:
2022-11-28
Updated:
2022-11-28

RHSA-2022:8641 - Security Advisory

Synopsis

Important: krb5 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for krb5 is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC).

Security Fix(es):

  • krb5: integer overflow vulnerabilities in PAC parsing (CVE-2022-42898)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, running Kerberos services (krb5kdc, kadmin, and kprop) will be restarted automatically.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 2140960 - CVE-2022-42898 krb5: integer overflow vulnerabilities in PAC parsing

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1

SRPM
krb5-1.17-10.el8_1.src.rpm SHA-256: 01382337eedade6a42f4f9be768ce0d9169892c6933039ec7391526b56eea393
ppc64le
krb5-debuginfo-1.17-10.el8_1.ppc64le.rpm SHA-256: 289c77c61ed201e31052f971000168e32206de6f33d832328d76e996090e6900
krb5-debugsource-1.17-10.el8_1.ppc64le.rpm SHA-256: c0fe7fe970f8b39f05ea6eb5624caac6ee5bd3b5e47f2195229403e18238c1c6
krb5-devel-1.17-10.el8_1.ppc64le.rpm SHA-256: 0578b500681bc1259f79720a99a29f9e853252187d0af30e8963fe528617db91
krb5-devel-debuginfo-1.17-10.el8_1.ppc64le.rpm SHA-256: b53703cb6b60e033b71cd14fd62bd3ad32a1a89610cc2ce143168a81881d856f
krb5-libs-1.17-10.el8_1.ppc64le.rpm SHA-256: 4706f21eb4fa0b629288e18e2ceb3942adc3c7cc1c568184a12a0c1b2265c376
krb5-libs-debuginfo-1.17-10.el8_1.ppc64le.rpm SHA-256: 0a19d756b5fcce9f9211eaa16ec6106a1ed15340e078809a3c6fa23e5adbe7e2
krb5-pkinit-1.17-10.el8_1.ppc64le.rpm SHA-256: b6011ba71c7ad29ab59d4aa358ef51d928ee16015be6622836554cbf4f285f6a
krb5-pkinit-debuginfo-1.17-10.el8_1.ppc64le.rpm SHA-256: 7f57f8e593165c7aadd6dcf7c72287198bc14f041ee9bfccf1724387e47c1eff
krb5-server-1.17-10.el8_1.ppc64le.rpm SHA-256: 8aa1fed388323b613b8899a4f3170606822d633edbc8917d4431ac2a2cbb0b40
krb5-server-debuginfo-1.17-10.el8_1.ppc64le.rpm SHA-256: d13227f3fa44caa47f5371c1f737d2d6993e691934c8bb984ad8415a09fc955e
krb5-server-ldap-1.17-10.el8_1.ppc64le.rpm SHA-256: 873495e67e4daae5d4600d306ccb89f4b705772494f1dc9e708615f5d44266de
krb5-server-ldap-debuginfo-1.17-10.el8_1.ppc64le.rpm SHA-256: 62bebeb3924fd7ffdc6abcd6f312423627867237c794078cb3bda8b697e04951
krb5-workstation-1.17-10.el8_1.ppc64le.rpm SHA-256: 30e5732e3ddf6b86eba08f7a424ca4e8e4ae27dd88ebb8e95d51e002f57a3c22
krb5-workstation-debuginfo-1.17-10.el8_1.ppc64le.rpm SHA-256: e67db218a8be23d6c8c8aa7d47a4926a8be88c57ced8ed17be0ab04f58fc0e3d
libkadm5-1.17-10.el8_1.ppc64le.rpm SHA-256: 91ad55f98935d39d4ad23eca75c26c2d938254e5e81e6b1f8bfcd56fbd0dd955
libkadm5-debuginfo-1.17-10.el8_1.ppc64le.rpm SHA-256: f699886ad0216f3d77ae8b73b10f4dc7a23b6629aebe8bea37b4e9f46759861a

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1

SRPM
krb5-1.17-10.el8_1.src.rpm SHA-256: 01382337eedade6a42f4f9be768ce0d9169892c6933039ec7391526b56eea393
x86_64
krb5-debuginfo-1.17-10.el8_1.i686.rpm SHA-256: a8332d02e906c8ce2a3314e573bc5bb30bc902f6179072795e30a02e30ef5c6a
krb5-debuginfo-1.17-10.el8_1.x86_64.rpm SHA-256: 1951cb78f30ab92b11b2008d4c33c5066e0e83791f31ded94839e03acd03a4e8
krb5-debugsource-1.17-10.el8_1.i686.rpm SHA-256: 5baadf2f9764e7a4f25bb6577fa7c433f9eb71e27686a39f9358b8c0d6feec6f
krb5-debugsource-1.17-10.el8_1.x86_64.rpm SHA-256: 5c4ceccf60ad998cd6cfa819d78cd12bfc24f712f2953cf6f7bb5bdf5429622d
krb5-devel-1.17-10.el8_1.i686.rpm SHA-256: 41d33c509062731caebea3a92cd883dfaea803ce84c51a9d88fd02fbca8b4803
krb5-devel-1.17-10.el8_1.x86_64.rpm SHA-256: caa24b14d2060979daeecd8e9e474f65554010dd940e6a5cce9dced048ae1c83
krb5-devel-debuginfo-1.17-10.el8_1.i686.rpm SHA-256: 586eb1a5fe3d1525ddffcda51b00e61121c928dced92c04976dfb134d4676153
krb5-devel-debuginfo-1.17-10.el8_1.x86_64.rpm SHA-256: fc7d79154a35ca62b92e42bd2ec06f0eb59d340b15099981cef15a55836f0700
krb5-libs-1.17-10.el8_1.i686.rpm SHA-256: 218e74509e28692648c67736791b01c2ee5cf1a8ed1082ed922ecda592e12445
krb5-libs-1.17-10.el8_1.x86_64.rpm SHA-256: 8f75c2b3eb6cbadfec56b99ea2fb45c08382ac23046ff9641413c1d64294e7ea
krb5-libs-debuginfo-1.17-10.el8_1.i686.rpm SHA-256: 7d635f242ea4578517bc3ced57f9f976c6c2b129adf46ad9463399ba9a0e0d2e
krb5-libs-debuginfo-1.17-10.el8_1.x86_64.rpm SHA-256: 19f2a8d82daaa61ad3ef9a00ba2e3caecb67a0ecd113bb7fa0bdd1afb233f553
krb5-pkinit-1.17-10.el8_1.i686.rpm SHA-256: a1b359224115c56c0310950015bb866482ad7805b127bcff597d663c784c025d
krb5-pkinit-1.17-10.el8_1.x86_64.rpm SHA-256: a366f87a8fa0e1d92fcc7fad46b2b00932fa8d2ae1db62c111d381ca1ed4ad09
krb5-pkinit-debuginfo-1.17-10.el8_1.i686.rpm SHA-256: 3272c8851282ce5098b04eb8796ce3346103a799fdc161ea49e847a9c002e44f
krb5-pkinit-debuginfo-1.17-10.el8_1.x86_64.rpm SHA-256: df1ab45af55377774ff3468e69be1baf81895c447ab4f699e278e93d7333072d
krb5-server-1.17-10.el8_1.i686.rpm SHA-256: afe37d752c1fe112ddfdca20ecb8d3e304fb349621401e2f95418ca5fd5d2b46
krb5-server-1.17-10.el8_1.x86_64.rpm SHA-256: 60737db4b0c87fe6b44918eff59fa4f0008c96dd215940a4e728d838c91384ee
krb5-server-debuginfo-1.17-10.el8_1.i686.rpm SHA-256: 678b897501b6d7c6f95bb315eb522f8793e6a2a0566ee8e6c920d97b92ee3576
krb5-server-debuginfo-1.17-10.el8_1.x86_64.rpm SHA-256: 6d67bc85a4aa06797fcd3c0a47e42a941f03adc180e30fdb07af3b57fa42dc9f
krb5-server-ldap-1.17-10.el8_1.i686.rpm SHA-256: 3642e77a4187748657daa7d54b69c525b0998d60f690301de7f50c3f4f3b26eb
krb5-server-ldap-1.17-10.el8_1.x86_64.rpm SHA-256: 5e577d2e8d8850c9f010ff60edf034ab5b37d3e752e644e368c04f744f222557
krb5-server-ldap-debuginfo-1.17-10.el8_1.i686.rpm SHA-256: c855018f8d4e27563a4b08921df9aa53e179a7ae8b7a67e41006ba39f7263e52
krb5-server-ldap-debuginfo-1.17-10.el8_1.x86_64.rpm SHA-256: 7895ec1f431b1037ae6cd3b56d8a65212e157ca14c960e1d9b25545910e78215
krb5-workstation-1.17-10.el8_1.x86_64.rpm SHA-256: 0fec47f3ee336b3ad94754d6d906169fc0e1f6f1e2e64fa55b9edddd8c1f871d
krb5-workstation-debuginfo-1.17-10.el8_1.i686.rpm SHA-256: 2b2027863f6724bdf75f150bf8fb7c4641ee33eef62776d959a9ae0a1324078f
krb5-workstation-debuginfo-1.17-10.el8_1.x86_64.rpm SHA-256: 10d5bc7bb64da91c1ee516424d40740566aa9abf9aa0d0eeeb9d4dc40aed6b87
libkadm5-1.17-10.el8_1.i686.rpm SHA-256: 10772cd36e5e12abf2d906498d12a5d7b395c1b8e632f3fc4919dc0f29f6b2f8
libkadm5-1.17-10.el8_1.x86_64.rpm SHA-256: afc78c595336e620658a75f42a1248bca56f998d7a0052096a7bc8dade14c69b
libkadm5-debuginfo-1.17-10.el8_1.i686.rpm SHA-256: d46272faf0249f599f89ce1d26c9d090c42ca7fc818a04d4ba3ebd8c8717adb7
libkadm5-debuginfo-1.17-10.el8_1.x86_64.rpm SHA-256: d432d61177d13a0272b052717ca58e065a30bf5406dd130e825cf1915e854200

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.