github heimdal/heimdal heimdal-7.4.0
Heimdal 7.4

latest releases: heimdal-7.8.0, heimdal-7.7.1, heimdal-7.7.0...
6 years ago

This is a security release of Heimdal.

This release patches a critical vulnerability:

CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation

In _krb5_extract_ticket() the KDC-REP service name must be obtained from
encrypted version stored in 'enc_part' instead of the unencrypted version
stored in 'ticket'.  Use of the unecrypted version provides an
opportunity for successful server impersonation and other attacks.

Identified by Jeffrey Altman, Viktor Duchovni and Nico Williams.


Don't miss a new heimdal release

NewReleases is sending notifications on new releases.