Multiple vulnerabilities have been discovered in Heimdal, the worst of which could lead to remote code execution on a KDC.
Package | app-crypt/heimdal on all architectures |
---|---|
Affected versions | < 7.8.0-r1 |
Unaffected versions | >= 7.8.0-r1 |
Heimdal is a free implementation of Kerberos 5.
Multiple vulnerabilities have been discovered in Heimdal, the worst of which could lead to remote code execution on a Kerberos Domain Controller. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All Cross-realm trust vulnerability in Heimdal users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-crypt/heimdal-7.8.0-r1"