FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-10-10 08:58:57 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a6986f0f-3ac0-11ee-9a88-206a8a720317	krb5 -- Double-free in KDC TGS processing The MIT krb5 Team reports: When issuing a ticket for a TGS renew or validate request, copy only the server field from the outer part of the header ticket to the new ticket. Copying the whole structure causes the enc_part pointer to be aliased to the header ticket until krb5_encrypt_tkt_part() is called, resulting in a double-free if handle_authdata() fails.. Discovery 2023-08-07 Entry 2023-08-14 krb5 > 1.20 lt 1.21.1_1 krb5-121 < 1.21.1_1 krb5-devel > 1.20 lt 1.22.2023.08.07 CVE-2023-39975 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39975

VuXML ID

Description

a6986f0f-3ac0-11ee-9a88-206a8a720317

krb5 -- Double-free in KDC TGS processing

The MIT krb5 Team reports:

When issuing a ticket for a TGS renew or validate request, copy only the server field from the outer part of the header ticket to the new ticket. Copying the whole structure causes the enc_part pointer to be aliased to the header ticket until krb5_encrypt_tkt_part() is called, resulting in a double-free if handle_authdata() fails..

Discovery 2023-08-07
Entry 2023-08-14
krb5

> 1.20 lt 1.21.1_1

krb5-121

< 1.21.1_1

krb5-devel

> 1.20 lt 1.22.2023.08.07

CVE-2023-39975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39975