ELA-77-1 krb5 security update

fix for LDAP issues and other authorization flaws

2019-01-25
Package krb5
Version 1.10.1+dfsg-5+deb7u10
Related CVEs CVE-2015-2694 CVE-2018-5729 CVE-2018-5730 CVE-2018-20217


krb5, the MIT implementation of Kerberos, had several flaws in LDAP DN checking, which could be used to circumvent a DN containership check by supplying special parameters to some calls. Furthermore, an attacker could crash the KDC by making S4U2Self requests.



For Debian 7 Wheezy, these problems have been fixed in version 1.10.1+dfsg-5+deb7u10.

We recommend that you upgrade your krb5 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.