KDC denial of service attacks [MITKRB5-SA-2011-002 CVE-2011-0281 CVE-2011-0282]
author Tom Yu <tlyu@mit.edu>
Wed, 9 Feb 2011 21:03:49 +0000 (21:03 +0000)
committer Tom Yu <tlyu@mit.edu>
Wed, 9 Feb 2011 21:03:49 +0000 (21:03 +0000)
commit 76d7f2223230a9ead7c8cc50816138a8abc73820
tree 67c840f65edb09e4147832e8c76c5407bf4cf81b
parent fa82d4a65460c2462ae96d81bc1f144fb713c561
KDC denial of service attacks [MITKRB5-SA-2011-002 CVE-2011-0281 CVE-2011-0282]

pull up r24622 from trunk, minus the fix for CVE-2011-0283, which is
only applicable to krb5-1.9 and later.

 ------------------------------------------------------------------------
 r24622 | tlyu | 2011-02-09 15:25:08 -0500 (Wed, 09 Feb 2011) | 10 lines

 ticket: 6860
 subject: KDC denial of service attacks [MITKRB5-SA-2011-002 CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]
 tags: pullup
 target_version: 1.9.1

 [CVE-2011-0281 CVE-2011-0282] Fix some LDAP back end principal name
 handling that could cause the KDC to hang or crash.

 [CVE-2011-0283] Fix a KDC null pointer dereference introduced in krb5-1.9.

ticket: 6862
version_fixed: 1.8.4
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@24626 dc483132-0cff-0310-8789-dd5450dbe970
src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h
src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c
src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c