projects / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a083745) | patch
MITKRB5-SA-2010-002 CVE-2010-0628 denial of service in SPNEGO
authorTom Yu <tlyu@mit.edu>
Tue, 30 Mar 2010 03:05:11 +0000 (03:05 +0000)
committerTom Yu <tlyu@mit.edu>
Tue, 30 Mar 2010 03:05:11 +0000 (03:05 +0000)
commit9c0f73bd27b7778435f32e8c5dbec97ffb00109e
treec45e6d6d1e5ef65c9be1ab1f97506e2c09279813tree | snapshot
parenta0837453f25a38e30fad3844604bd95c147c409acommit | diff
MITKRB5-SA-2010-002 CVE-2010-0628 denial of service in SPNEGO

pull up r23832 from trunk

 ------------------------------------------------------------------------
 r23832 | tlyu | 2010-03-23 14:53:52 -0400 (Tue, 23 Mar 2010) | 8 lines

 ticket: 6690
 target_version: 1.8.1
 tags: pullup
 subject: MITKRB5-SA-2010-002 CVE-2010-0628 denial of service in SPNEGO

 The SPNEGO implementation in krb5-1.7 and later could crash due to
 assertion failure when receiving some sorts of invalid GSS-API tokens.

ticket: 6694
version_fixed: 1.7.2

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-7@23850 dc483132-0cff-0310-8789-dd5450dbe970
src/lib/gssapi/spnego/spnego_mech.c diff | blob | history
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.