[ubuntu/noble-updates] krb5 1.20.1-6ubuntu2.5 (Accepted)

[Ubuntu Archive Robot]

krb5 (1.20.1-6ubuntu2.5) noble-security; urgency=medium

  * SECURITY UPDATE: denial of service via two memory leaks
    - debian/patches/CVE-2024-26458.patch: fix two unlikely memory leaks in
      src/lib/gssapi/krb5/k5sealv3.c, src/lib/rpc/pmap_rmt.c.
    - CVE-2024-26458
    - CVE-2024-26461
  * SECURITY UPDATE: denial of service via memory leak
    - debian/patches/CVE-2024-26462.patch: fix leak in KDC NDR encoding in
      src/kdc/ndr.c.
    - CVE-2024-26462
  * SECURITY UPDATE: kadmind DoS via iprop log file
    - debian/patches/CVE-2025-24528.patch: prevent overflow when
      calculating ulog block size in src/lib/kdb/kdb_log.c.
    - CVE-2025-24528

Date: 2025-02-25 20:09:19.785710+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/krb5/1.20.1-6ubuntu2.5
-------------- next part --------------
Sorry, changesfile not available.