FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a6986f0f-3ac0-11ee-9a88-206a8a720317	krb5 -- Double-free in KDC TGS processing SO-AND-SO reports: When issuing a ticket for a TGS renew or validate request, copy only the server field from the outer part of the header ticket to the new ticket. Copying the whole structure causes the enc_part pointer to be aliased to the header ticket until krb5_encrypt_tkt_part() is called, resulting in a double-free if handle_authdata() fails.. Discovery 2023-08-07 Entry 2023-08-14 krb5 < 1.21.1_1 krb5-121 < 1.21.1_1 krb5-devel < 1.22.2023.08.07 CVE-2023-39975 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39975

VuXML ID

Description

a6986f0f-3ac0-11ee-9a88-206a8a720317

krb5 -- Double-free in KDC TGS processing

SO-AND-SO reports:

When issuing a ticket for a TGS renew or validate request, copy only the server field from the outer part of the header ticket to the new ticket. Copying the whole structure causes the enc_part pointer to be aliased to the header ticket until krb5_encrypt_tkt_part() is called, resulting in a double-free if handle_authdata() fails..

Discovery 2023-08-07
Entry 2023-08-14
krb5

< 1.21.1_1

krb5-121

< 1.21.1_1

krb5-devel

< 1.22.2023.08.07

CVE-2023-39975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39975