AVG-505 log
| Package | krb5 |
| Status | Not affected |
| Severity | Critical |
| Type | arbitrary code execution |
| Affected | 1.15.2-1 |
| Fixed | Not affected |
| Current | 1.21.2-2 [core] |
| Ticket | None |
| Created | Sun Nov 19 14:54:10 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-15088 | Critical | Yes | Arbitrary code execution | plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote... |
| References |
|---|
https://github.com/krb5/krb5/pull/707 |
| Notes |
|---|
Marking as not affected, since it looks specific to Red Hat. |