Updated heimdal packages fix security vulnerability
Publication date: 13 Aug 2017Modification date: 13 Aug 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-11103
Description
Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered that Heimdal clients incorrectly trusted unauthenticated portions of Kerberos tickets. A remote attacker could use this to impersonate trusted network services or perform other attacks (CVE-2017-11103).
References
SRPMS
6/core
- heimdal-7.3.0-1.1.mga6
5/core
- heimdal-1.5.3-6.1.mga5