Early Access — Mondoo Vulnerability Intelligence is currently in preview.

SUSE-SU-2021:2800-1

UNKNOWN

Security update for krb5

Published Aug 20, 2021

Modified 4 years ago

Fix available

Details

This update for krb5 fixes the following issues:

CVE-2021-36222: Fixed KDC null deref on bad encrypted challenge. (bsc#1188571)

Affected Packages

SUSE:Enterprise Storage 6krb5

Fixed in:

1.16.3-3.21.1

SUSE:Enterprise Storage 6krb5-32bit

Fixed in:

1.16.3-3.21.1

SUSE:Enterprise Storage 6krb5-client

Fixed in:

1.16.3-3.21.1

SUSE:Enterprise Storage 6krb5-devel

Fixed in:

1.16.3-3.21.1

SUSE:Enterprise Storage 6krb5-plugin-kdb-ldap

Fixed in:

1.16.3-3.21.1

SUSE:Enterprise Storage 6krb5-plugin-preauth-otp

Fixed in:

1.16.3-3.21.1

SUSE:Enterprise Storage 6krb5-plugin-preauth-pkinit

Fixed in:

1.16.3-3.21.1

SUSE:Enterprise Storage 6krb5-server

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSkrb5

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSkrb5-32bit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSkrb5-client

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSkrb5-devel

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSkrb5-plugin-kdb-ldap

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSkrb5-plugin-preauth-otp

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSkrb5-plugin-preauth-pkinit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOSkrb5-server

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSkrb5

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSkrb5-32bit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSkrb5-client

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSkrb5-devel

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSkrb5-plugin-kdb-ldap

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSkrb5-plugin-preauth-otp

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSkrb5-plugin-preauth-pkinit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSSkrb5-server

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Micro 5.0krb5

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Basesystem 15 SP2krb5

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Basesystem 15 SP2krb5-32bit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Basesystem 15 SP2krb5-client

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Basesystem 15 SP2krb5-devel

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Basesystem 15 SP2krb5-plugin-preauth-otp

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Basesystem 15 SP2krb5-plugin-preauth-pkinit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Basesystem 15 SP3krb5

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Basesystem 15 SP3krb5-32bit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Basesystem 15 SP3krb5-client

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Basesystem 15 SP3krb5-devel

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Basesystem 15 SP3krb5-plugin-preauth-otp

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Basesystem 15 SP3krb5-plugin-preauth-pkinit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Server Applications 15 SP2krb5

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Server Applications 15 SP2krb5-plugin-kdb-ldap

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Server Applications 15 SP2krb5-server

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Server Applications 15 SP3krb5

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Server Applications 15 SP3krb5-plugin-kdb-ldap

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Module for Server Applications 15 SP3krb5-server

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-BCLkrb5

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-BCLkrb5-32bit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-BCLkrb5-client

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-BCLkrb5-devel

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-BCLkrb5-plugin-kdb-ldap

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-BCLkrb5-plugin-preauth-otp

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-BCLkrb5-plugin-preauth-pkinit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-BCLkrb5-server

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-LTSSkrb5

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-LTSSkrb5-32bit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-LTSSkrb5-client

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-LTSSkrb5-devel

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-LTSSkrb5-plugin-kdb-ldap

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-LTSSkrb5-plugin-preauth-otp

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-LTSSkrb5-plugin-preauth-pkinit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server 15 SP1-LTSSkrb5-server

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1krb5

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1krb5-32bit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1krb5-client

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1krb5-devel

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1krb5-plugin-kdb-ldap

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1krb5-plugin-preauth-otp

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1krb5-plugin-preauth-pkinit

Fixed in:

1.16.3-3.21.1

SUSE:Linux Enterprise Server for SAP Applications 15 SP1krb5-server

Fixed in:

1.16.3-3.21.1

SUSE:Manager Proxy 4.0krb5

Fixed in:

1.16.3-3.21.1

SUSE:Manager Proxy 4.0krb5-32bit

Fixed in:

1.16.3-3.21.1

SUSE:Manager Proxy 4.0krb5-client

Fixed in:

1.16.3-3.21.1

SUSE:Manager Proxy 4.0krb5-devel

Fixed in:

1.16.3-3.21.1

SUSE:Manager Proxy 4.0krb5-plugin-kdb-ldap

Fixed in:

1.16.3-3.21.1

SUSE:Manager Proxy 4.0krb5-plugin-preauth-otp

Fixed in:

1.16.3-3.21.1

SUSE:Manager Proxy 4.0krb5-plugin-preauth-pkinit

Fixed in:

1.16.3-3.21.1

SUSE:Manager Proxy 4.0krb5-server

Fixed in:

1.16.3-3.21.1

SUSE:Manager Retail Branch Server 4.0krb5

Fixed in:

1.16.3-3.21.1

SUSE:Manager Retail Branch Server 4.0krb5-32bit

Fixed in:

1.16.3-3.21.1

SUSE:Manager Retail Branch Server 4.0krb5-client

Fixed in:

1.16.3-3.21.1

SUSE:Manager Retail Branch Server 4.0krb5-devel

Fixed in:

1.16.3-3.21.1

SUSE:Manager Retail Branch Server 4.0krb5-plugin-kdb-ldap

Fixed in:

1.16.3-3.21.1

SUSE:Manager Retail Branch Server 4.0krb5-plugin-preauth-otp

Fixed in:

1.16.3-3.21.1

SUSE:Manager Retail Branch Server 4.0krb5-plugin-preauth-pkinit

Fixed in:

1.16.3-3.21.1

SUSE:Manager Retail Branch Server 4.0krb5-server

Fixed in:

1.16.3-3.21.1

SUSE:Manager Server 4.0krb5

Fixed in:

1.16.3-3.21.1

SUSE:Manager Server 4.0krb5-32bit

Fixed in:

1.16.3-3.21.1

SUSE:Manager Server 4.0krb5-client

Fixed in:

1.16.3-3.21.1

SUSE:Manager Server 4.0krb5-devel

Fixed in:

1.16.3-3.21.1

SUSE:Manager Server 4.0krb5-plugin-kdb-ldap

Fixed in:

1.16.3-3.21.1

SUSE:Manager Server 4.0krb5-plugin-preauth-otp

Fixed in:

1.16.3-3.21.1

SUSE:Manager Server 4.0krb5-plugin-preauth-pkinit

Fixed in:

1.16.3-3.21.1

SUSE:Manager Server 4.0krb5-server

Fixed in:

1.16.3-3.21.1

References

REPORThttps://bugzilla.suse.com/1188571 WEBhttps://www.suse.com/security/cve/CVE-2021-36222 ADVISORYhttps://www.suse.com/support/update/announcement/2021/suse-su-20212800-1/

Upstream

CVE-2021-36222

Ecosystems

Timeline

PublishedAug 20, 2021

ModifiedAug 20, 2021

SUSE-SU-2021:2800-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2021:2800-1

Details

Affected Packages

References

Upstream

Related

Ecosystems

Timeline