projects / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d3ba034) | patch
pull up r23724 from trunk
authorTom Yu <tlyu@mit.edu>
Wed, 17 Feb 2010 05:11:45 +0000 (05:11 +0000)
committerTom Yu <tlyu@mit.edu>
Wed, 17 Feb 2010 05:11:45 +0000 (05:11 +0000)
commit59a78125dddb9ae721502a08890ba621466d6865
treeef454647879aeb7bff243b13224c14c8f3cafbc1tree | snapshot
parentd3ba0348523ada43c5dff5078359e3bc2b634edecommit | diff
pull up r23724 from trunk

 ------------------------------------------------------------------------
 r23724 | tlyu | 2010-02-16 17:10:17 -0500 (Tue, 16 Feb 2010) | 10 lines

 ticket: 6662
 subject: MITKRB5-SA-2010-001 CVE-2010-0283 KDC denial of service
 tags: pullup
 target_version: 1.8

 Code introduced in krb5-1.7 can cause an assertion failure if a
 KDC-REQ is internally inconsistent, specifically if the ASN.1 tag
 doesn't match the msg_type field.  Thanks to Emmanuel Bouillon (NATO
 C3 Agency) for discovering and reporting this vulnerability.

ticket: 6664
version_fixed: 1.7.2
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-7@23731 dc483132-0cff-0310-8789-dd5450dbe970
src/kdc/do_as_req.c diff | blob | history
src/kdc/do_tgs_req.c diff | blob | history
src/kdc/fast_util.c diff | blob | history
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.