{"id":"MGASA-2017-0308","summary":"Updated heimdal packages fix security vulnerability","details":"Transit path validation inadvertently caused the previous hop realm to\nnot be added to the transit path of issued tickets. This may, in some\ncases, enable bypass of capath policy in Heimdal versions 1.5 through\n7.2 (CVE-2017-6594).\n\nNote, this may break sites that rely on the bug. With the bug some\nincomplete [capaths] worked, that should not have. These may now break\nauthentication in some cross-realm configurations.\n","modified":"2026-04-16T06:24:51.185021404Z","published":"2017-08-25T20:35:54Z","upstream":["CVE-2017-6594"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0308.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=21550"},{"type":"WEB","url":"https://lists.opensuse.org/opensuse-updates/2017-08/msg00062.html"}],"affected":[{"package":{"name":"heimdal","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/heimdal?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.5.3-6.2.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0308.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}