Key Vulnerability Information

Main Changes in 1.11.6

- CVE-2014-4342 and CVE-2014-4343: Handled certain invalid RFC 1964 GSS tokens to avoid invalid memory reference vulnerabilities.
- CVE-2014-4343 and CVE-2014-4344: Fixed memory management vulnerabilities in GSSAPI SPNEGO.
- CVE-2014-4345: Fixed a buffer overflow vulnerability in LDAP KDB backend.
- CVE-2014-5354 and CVE-2014-5355: Fixed multiple vulnerabilities in LDAP KDC backend.
- CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423: Fixed multiple KADMIND vulnerabilities, some of which were based in the GSSRPC library.

Main Changes in 1.11.4

- CVE-2013-1417: Fixed a KDC null pointer dereference that could affect realms with an uncommon configuration.
- CVE-2013-1418: Fixed a KDC null pointer dereference that could affect KDCs serving multiple realms.

Main Changes in 1.11.3

- CVE-2002-2443: Fixed a UDP ping-pong vulnerability in the kpasswd (password changing) service.

Summary

The release notes highlight the security vulnerabilities addressed in Kerberos 5 Release 1.11.6, particularly memory management, buffer overflow, and null pointer dereference issues. Several CVEs are listed and have been mitigated in this release.