projects / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6b67549) | patch
MITKRB5-SA-2010-002 CVE-2010-0628 denial of service in SPNEGO
authorTom Yu <tlyu@mit.edu>
Tue, 23 Mar 2010 18:53:52 +0000 (18:53 +0000)
committerTom Yu <tlyu@mit.edu>
Tue, 23 Mar 2010 18:53:52 +0000 (18:53 +0000)
commit5870741b66ecc00855198642342da76bf74c3078
tree00c4d4b09ab76283daaf4e3509c98b39e3451469tree | snapshot
parent6b67549107a0038a2f4465dd956a75d564cc7b16commit | diff
MITKRB5-SA-2010-002 CVE-2010-0628 denial of service in SPNEGO

The SPNEGO implementation in krb5-1.7 and later could crash due to
assertion failure when receiving some sorts of invalid GSS-API tokens.

ticket: 6690
target_version: 1.8.1
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23832 dc483132-0cff-0310-8789-dd5450dbe970
src/lib/gssapi/spnego/spnego_mech.c diff | blob | history
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.