Adding patchinfo patchinfo.20240909081634489451.269002615871826

patchinfo.20240909081634489451.269002615871826/_patchinfo

@@ -0,0 +1,28 @@
+<patchinfo>
+  <!-- generated from request(s) 337124 -->
+  <issue tracker="bnc" id="1220770">VUL-0: CVE-2024-26458: krb5: memory leak at /krb5/src/lib/rpc/pmap_rmt.c</issue>
+  <issue tracker="bnc" id="1220771">VUL-0: CVE-2024-26461: krb5: memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c</issue>
+  <issue tracker="bnc" id="1220772">VUL-0: CVE-2024-26462: krb5: memory leak at /krb5/src/kdc/ndr.c</issue>
+  <issue tracker="bnc" id="1227186">VUL-0: CVE-2024-37370: krb5: confidential GSS krb5 wrap tokens with invalid plaintext Extra Count fields are errouneously accepted during unwrap</issue>
+  <issue tracker="bnc" id="1227187">VUL-0: CVE-2024-37371: krb5: invalid memory read when processing message tokens with invalid length fields</issue>
+  <issue tracker="cve" id="2024-26458"/>
+  <issue tracker="cve" id="2024-26461"/>
+  <issue tracker="cve" id="2024-26462"/>
+  <issue tracker="cve" id="2024-37370"/>
+  <issue tracker="cve" id="2024-37371"/>
+  <packager>scabrero</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for krb5</summary>
+  <description>This update for krb5 fixes the following issues:
+
+- CVE-2024-37370: Confidential GSS krb5 wrap tokens with invalid plaintext Extra Count fields were erroneously accepted during unwrap (bsc#1227186)
+- CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187)
+- CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770)
+- CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771)
+- CVE-2024-26462: Fixed memory leak at /krb5/src/kdc/ndr.c (bsc#1220772)
+</description>
+  <package>krb5</package>
+  <package>krb5:krb5-mini</package>
+  <seperate_build_arch/>
+</patchinfo>