SUSE-SU-2021:0527-1 -- SLES krb5-applID: oval:org.secpod.oval:def:89002852 | Date: (C)2021-02-24 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for krb5-appl fixes the following issues: - CVE-2019-25017: Check the filenames sent by the server match those requested by the client . - CVE-2019-25018: Disallow empty incoming filename or ones that refer to the current directory .
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |
SUSE Linux Enterprise Server 12 SP5 |
SUSE Linux Enterprise Server 12 SP4 |