{"id":"MGASA-2015-0066","summary":"Updated krb5 packages fix security vulnerabilities","details":"Updated krb5 packages fix security vulnerabilities:\n\nIncorrect memory management in the libgssapi_krb5 library might result in\ndenial of service or the execution of arbitrary code (CVE-2014-5352).\n\nIncorrect memory management in kadmind's processing of XDR data might result\nin denial of service or the execution of arbitrary code (CVE-2014-9421).\n\nIncorrect processing of two-component server principals might result in\nimpersonation attacks (CVE-2014-9422).\n\nAn information leak in the libgssrpc library (CVE-2014-9423).\n","modified":"2026-01-31T19:36:14.487215Z","published":"2015-02-15T15:57:20Z","related":["CVE-2014-5352","CVE-2014-9421","CVE-2014-9422","CVE-2014-9423"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0066.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=15202"},{"type":"REPORT","url":"http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2015-001.txt"},{"type":"REPORT","url":"https://www.debian.org/security/2015/dsa-3153"}],"affected":[{"package":{"name":"krb5","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/krb5?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.11.4-1.4.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0066.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}