======================================================================

                                   CERT-Renater

                          Information Note No. 2024/VULN309
_____________________________________________________________________

DATE                : 01/07/2024

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Kerberos 5 versions prior to
                     1.21.3.

=====================================================================
https://mailman.mit.edu/pipermail/kerberos-announce/2024q2/000207.html
_____________________________________________________________________

The MIT Kerberos Team announces the availability of MIT Kerberos 5
Release 1.21.3.  Please see below for a list of some major changes
included, or consult the README file in the source tree for a more
detailed list of significant changes.

Retrieving krb5-1.21.3
======================

You may retrieve the krb5-1.21.3 sources from the following URL:

         https://kerberos.org/dist/

The homepage for the krb5-1.21.3 release is:

         https://web.mit.edu/kerberos/krb5-1.21/

Further information about Kerberos 5 may be found at the following
URL:

         https://web.mit.edu/kerberos/


Major changes in 1.21.3 (2024-06-26)
====================================

This is a bug fix release.

* Fix vulnerabilities in GSS message token handling [CVE-2024-37370,
   CVE-2024-37371].

* Fix a potential bad pointer free in krb5_cccol_have_contents().

* Fix a memory leak in the macOS ccache type.


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================
