pull up r22174 from trunk
author Tom Yu <tlyu@mit.edu>
Wed, 15 Apr 2009 20:07:30 +0000 (20:07 +0000)
committer Tom Yu <tlyu@mit.edu>
Wed, 15 Apr 2009 20:07:30 +0000 (20:07 +0000)
commit 0b0f822ef42ad721e720a2c3e4f3dfa7bf5f5f1c
tree 3688b61320cead65ead0812611d85bad8043191c
parent a189e1b22dbceedaacf8149c029fab875ba35728
pull up r22174 from trunk

 ------------------------------------------------------------------------
 r22174 | tlyu | 2009-04-07 17:22:17 -0400 (Tue, 07 Apr 2009) | 11 lines
 Changed paths:
    M /trunk/src/lib/gssapi/spnego/spnego_mech.c

 ticket: 6443
 subject: CVE-2009-0844 SPNEGO can read beyond buffer end
 tags: pullup
 target_version: 1.7

 SPNEGO can read beyond the end of a buffer if the claimed DER length
 exceeds the number of bytes in the input buffer. This can lead to
 crash or information disclosure.

 Thanks to Apple for reporting this vulnerability and providing
 patches.

ticket: 6443
version_fixed: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-7@22248 dc483132-0cff-0310-8789-dd5450dbe970
src/lib/gssapi/spnego/spnego_mech.c
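
The class of bug the commit message describes, shown as an added example that is not the krb5 code or the patch itself: a DER length decoder that rejects a claimed length larger than the bytes actually left in the input. The names `der_read_length` and `check_tlv` are hypothetical and the sample buffers are constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical helper (not from krb5): decode a DER length at *pp and
 * advance past it. `remaining` counts the bytes left in the input
 * starting at *pp. Returns 0 and stores the content length in *out_len,
 * or -1 if the encoding is truncated, indefinite, too wide for size_t,
 * or claims more content bytes than the buffer holds. */
int der_read_length(const uint8_t **pp, size_t remaining, size_t *out_len)
{
    const uint8_t *p = *pp;
    size_t len, nbytes;

    if (remaining < 1)
        return -1;
    len = *p++;
    remaining--;
    if (len & 0x80) {              /* long form: low 7 bits = octet count */
        nbytes = len & 0x7f;
        if (nbytes == 0 || nbytes > sizeof(size_t) || nbytes > remaining)
            return -1;
        for (len = 0; nbytes > 0; nbytes--, remaining--)
            len = (len << 8) | *p++;
    }
    /* Without this comparison a caller trusting `len` reads past the
     * end of the input buffer. */
    if (len > remaining)
        return -1;
    *pp = p;
    *out_len = len;
    return 0;
}

/* Constructed sample inputs: a one-byte tag followed by a DER length. */
const uint8_t ok_tlv[]  = { 0x04, 0x03, 'a', 'b', 'c' };        /* claims 3, has 3 */
const uint8_t bad_tlv[] = { 0x04, 0x82, 0x01, 0x00, 'a', 'b' }; /* claims 256, has 2 */

/* Skip the tag and validate the length; returns content length or -1. */
long check_tlv(const uint8_t *buf, size_t buflen)
{
    const uint8_t *p;
    size_t len;

    if (buflen < 1)
        return -1;
    p = buf + 1;
    if (der_read_length(&p, buflen - 1, &len) != 0)
        return -1;
    return (long)len;
}
```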