RHBA-2019:2599

Affecting krb5-libs package, versions <0:1.15.1-37.el7_7.2

Report new vulnerabilities
medium severity
Do your applications use this vulnerable package? Test your applications

Overview

Affected versions of this package are vulnerable to RHBA-2019:2599. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). This update fixes the following bug: * KDC and keytab can disagree on kvno after update (BZ#1732743)

Remediation

Upgrade krb5-libs to version or higher.

References

CVE
RHBA-2019:2599
Snyk ID
SNYK-CENTOS7-KRB5LIBS-580872
Published
13 Jul, 2020