python310-impacket-0.11.0-2.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:13200-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z python310-impacket-0.11.0-2.1 on GA media These are all security issues fixed in the python310-impacket-0.11.0-2.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-13200 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2020-17049/ SUSE CVE CVE-2020-17049 page openSUSE Tumbleweed python310-impacket-0.11.0-2.1 python311-impacket-0.11.0-2.1 python39-impacket-0.11.0-2.1 python310-impacket-0.11.0-2.1 as a component of openSUSE Tumbleweed python311-impacket-0.11.0-2.1 as a component of openSUSE Tumbleweed python39-impacket-0.11.0-2.1 as a component of openSUSE Tumbleweed A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it. The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD. CVE-2020-17049 openSUSE Tumbleweed:python310-impacket-0.11.0-2.1 openSUSE Tumbleweed:python311-impacket-0.11.0-2.1 openSUSE Tumbleweed:python39-impacket-0.11.0-2.1 important 9 AV:N/AC:L/Au:S/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-17049.html CVE-2020-17049 https://bugzilla.suse.com/1178754 SUSE Bug 1178754 https://bugzilla.suse.com/1178764 SUSE Bug 1178764