git.tremily.us Git - krb5.git/commit

author	Tom Yu <tlyu@mit.edu>
	Tue, 20 Apr 2010 22:37:22 +0000 (22:37 +0000)
committer	Tom Yu <tlyu@mit.edu>
	Tue, 20 Apr 2010 22:37:22 +0000 (22:37 +0000)
commit	6a1856417d804fb7afe2cae3688c540b411ffbe6
tree	9ce6b0a942bf3c022b79b736e8bf123a503aa84d	tree \| snapshot
parent	4159a795d8996138ed6cfdabf0729eca715431a3	commit \| diff

pull up r23912 from trunk

------------------------------------------------------------------------
r23912 | tlyu | 2010-04-20 17:12:10 -0400 (Tue, 20 Apr 2010) | 11 lines

ticket: 6702
target_version: 1.8.2
tags: pullup

Fix CVE-2010-1230 (MITKRB5-SA-2010-004) double-free in KDC triggered
by ticket renewal. Add a test case.

See also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577490

Thanks to Joel Johnson and Brian Almeida for the reports.

ticket: 6702
version_fixed: 1.8.2
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23914 dc483132-0cff-0310-8789-dd5450dbe970

MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.

RSS Atom

src/kdc/do_tgs_req.c		diff \| blob \| history
src/tests/dejagnu/config/default.exp		diff \| blob \| history
src/tests/dejagnu/krb-standalone/standalone.exp		diff \| blob \| history