git.tremily.us Git - krb5.git/commit

author	Tom Yu <tlyu@mit.edu>
	Wed, 9 Feb 2011 21:38:08 +0000 (21:38 +0000)
committer	Tom Yu <tlyu@mit.edu>
	Wed, 9 Feb 2011 21:38:08 +0000 (21:38 +0000)
commit	58bbfc8681bf75f596878f909a20b773d77af845
tree	a068ba285aded9621285c95fc091f7bd708adcf1	tree \| snapshot
parent	0a1f585c3a0c9611eab1dd469af90fd08e1d3d3c	commit \| diff

KDC denial of service attacks [MITKRB5-SA-2011-002 CVE-2011-0281 CVE-2011-0282]

pull up r24622 from trunk, except for the fix for CVE-2011-0283, which
only applies to krb5-1.9.

------------------------------------------------------------------------
r24622 | tlyu | 2011-02-09 15:25:08 -0500 (Wed, 09 Feb 2011) | 10 lines

ticket: 6860
subject: KDC denial of service attacks [MITKRB5-SA-2011-002 CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]
tags: pullup
target_version: 1.9.1

[CVE-2011-0281 CVE-2011-0282] Fix some LDAP back end principal name
handling that could cause the KDC to hang or crash.

[CVE-2011-0283] Fix a KDC null pointer dereference introduced in krb5-1.9.

ticket: 6865
version_fixed: 1.7.2
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-7@24628 dc483132-0cff-0310-8789-dd5450dbe970

MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.

RSS Atom

src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h		diff \| blob \| history
src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c		diff \| blob \| history
src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c		diff \| blob \| history
src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c		diff \| blob \| history