{"id":"MGASA-2017-0256","summary":"Updated krb5 packages fix security vulnerability","details":"A denial of service flaw was found in MIT Kerberos krb5kdc service. An\nauthenticated attacker could use this flaw to cause krb5kdc to exit with\nan assertion failure by making an invalid S4U2Self or S4U2Proxy request\n(CVE-2017-11368).\n","modified":"2026-04-16T06:22:29.494226522Z","published":"2017-08-12T10:13:00Z","upstream":["CVE-2017-11368"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0256.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=21369"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4HNWXM6OQU7G23MG7XWIOBRGP43ECLDT/"}],"affected":[{"package":{"name":"krb5","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/krb5?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.12.5-1.2.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0256.json"}},{"package":{"name":"krb5","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/krb5?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.15.1-2.1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0256.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}