CVE-2017-6594

Priority
Description
The transit path validation code in Heimdal before 7.3 might allow
attackers to bypass the capath policy protection mechanism by leveraging
failure to add the previous hop realm to the transit path of issued
tickets.
Notes
ratliff: Upstream: "[the fix] may break sites that rely on the bug."
mdeslaur: heimdal-kdc package is in universe
Package
Upstream: released (7.1.0+dfsg-12)
Ubuntu 12.04 ESM (Precise Pangolin): needed
Ubuntu 14.04 ESM (Trusty Tahr): needed
Ubuntu 16.04 LTS (Xenial Xerus): needed
Ubuntu 18.04 LTS (Bionic Beaver): not-affected (7.4.0.dfsg.1-2)
Ubuntu 19.04 (Disco Dingo): not-affected (7.4.0.dfsg.1-2)
Ubuntu 19.10 (Eoan Ermine): not-affected (7.4.0.dfsg.1-2)
Ubuntu 20.04 (Focal Fossa): not-affected (7.4.0.dfsg.1-2)
Patches:
Upstream: https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support

Updated: 2019-12-05 19:48:55 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)