ELSA-2023-3097
- ULN >
- Oracle Linux Errata repository >
- ELSA-2023-3097
ELSA-2023-3097 - gssntlmssp security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2023-05-24 |
Description
[1.2.0-1]
- New release 1.2.0
- Fix CVE-2023-25563: multiple out-of-bounds read when decoding NTLM fields
- Fix CVE-2023-25564: memory corruption when decoding UTF16 strings
- Fix CVE-2023-25565: incorrect free when decoding target information
- Fix CVE-2023-25566: memory leak when parsing usernames
- Fix CVE-2023-25567: out-of-bounds read when decoding target information
- Resolves: rhbz#2181313
Related CVEs
| CVE-2023-25564 |
| CVE-2023-25563 |
| CVE-2023-25565 |
| CVE-2023-25566 |
| CVE-2023-25567 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 8 (aarch64) | gssntlmssp-1.2.0-1.el8_8.src.rpm | b418a6c6c02a855754a6567d641678a10039022add69d30409fe6fc8d9a5432c | - | ol8_aarch64_appstream |
| gssntlmssp-1.2.0-1.el8_8.src.rpm | b418a6c6c02a855754a6567d641678a10039022add69d30409fe6fc8d9a5432c | - | ol8_aarch64_distro_builder | |
| gssntlmssp-1.2.0-1.el8_8.aarch64.rpm | 6502d1a3025293830dd6cf8f5f8842ac8ade1b7b4186eef74564cb0b4893abac | - | ol8_aarch64_appstream | |
| Oracle Linux 8 (x86_64) | gssntlmssp-1.2.0-1.el8_8.src.rpm | b418a6c6c02a855754a6567d641678a10039022add69d30409fe6fc8d9a5432c | - | ol8_x86_64_appstream |
| gssntlmssp-1.2.0-1.el8_8.src.rpm | b418a6c6c02a855754a6567d641678a10039022add69d30409fe6fc8d9a5432c | - | ol8_x86_64_distro_builder | |
| gssntlmssp-1.2.0-1.el8_8.x86_64.rpm | 1a6c75d6042e24ec1dcf6e55de87040eed11c711dec8eceee2c380500a3e16d2 | - | ol8_x86_64_appstream | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
