CVE-2017-6594

Priority
Description
The transit path validation code in Heimdal before 7.3 might allow
attackers to bypass the capath policy protection mechanism by leveraging
failure to add the previous hop realm to the transit path of issued
tickets.
Notes
ratliff> Upstream: "[the fix] may break sites that rely on the bug."
mdeslaur> heimdal-kdc package is in universe
Package
Upstream: released (7.1.0+dfsg-12)
Ubuntu 12.04 ESM (Precise Pangolin): needed
Ubuntu 14.04 ESM (Trusty Tahr): needed
Ubuntu 16.04 LTS (Xenial Xerus): needed
Ubuntu 18.04 LTS (Bionic Beaver): not-affected (7.4.0.dfsg.1-2)
Ubuntu 19.10 (Eoan Ermine): not-affected (7.4.0.dfsg.1-2)
Ubuntu 20.04 (Focal Fossa): not-affected (7.4.0.dfsg.1-2)
Patches:
Upstream: https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
Updated: 2020-04-24 03:43:25 UTC (commit d3f8a6ed481830fb100109a132bef581fc4176fe)