Accepting request 1036182 from home:scabrero:branches:network

- Update to 1.20.1; (bsc#1205126); (CVE-2022-42898); * Fix integer overflows in PAC parsing [CVE-2022-42898]. * Fix null deref in KDC when decoding invalid NDR. * Fix memory leak in OTP kdcpreauth module. * Fix PKCS11 module path search. - Update to 1.20.1; (bsc#1205126); (CVE-2022-42898); * Fix integer overflows in PAC parsing [CVE-2022-42898]. * Fix null deref in KDC when decoding invalid NDR. * Fix memory leak in OTP kdcpreauth module. * Fix PKCS11 module path search. OBS-URL: https://build.opensuse.org/request/show/1036182 OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=262
2022-11-17 16:22:59 +00:00 · 2022-11-17 16:22:59 +00:00 · 6580e8c91a
commit 6580e8c91a
parent 40f0f666d9
8 changed files with 39 additions and 21 deletions
--- a/krb5-1.20.1.tar.gz
+++ b/krb5-1.20.1.tar.gz
--- a/krb5-1.20.1.tar.gz.asc
+++ b/krb5-1.20.1.tar.gz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmNvED8ACgkQDLoIV1+D
+ct9uKw/8C5GS8mdh335lB+bkfjYYCZLD+oQToDAAbdCddrIcuLftvnTfXJ8cMtMc
+UT2hsp8u7ZupjJRevdhaH7fFwomc0V8iSES5J2cQHTNd9aK93j/W6NaMoqWLrQWg
+jx99oqLn7orvp8N5RufEQcNMNWhFIX4XSfrA3vPfHbbffA2vkjJzOGno4UHi8zUn
+6nye7jbrBpiQIeFIJSS3VPsvGrKdRgb9BqGTUsqPIuFvr3Qvo42lKr5X8CWYSXjK
+0aKlOpfbWdkteEe2o84/wyMpuGvmYkmOgaMB5xQ3jfEuvPNAWX2CWHNDamiqwBT/
+YxwhZimNa1B9r3P1yDHvpUu8cJaRzw2UDRi2f3Kztrmn2jlqzmoZ31WBALJA7lmL
+SrVFdXi7AcWwppMp1kbe9SvurCXID8/Q4n+qAdzSvqrXbeWerVUkdYFvtxQ1bMJR
+jnqN11iZFYaoCaaR2lFEhjoMdR80jUa2m6vdF7a7xhH1UvuPHDnzLT9X/TiPvx0R
+Itrp5MMIrUQHcZUL9hM5hrg3nxEsGsSCnjB0zWDmgXdLGwd4CvcOF4HPQR3BBlEH
+CLtAa27bBXMJTYVvmmKt06hw+U3ALDfUlFrV6ZNLr9ug69l29n7JoChAbZ97Hx1m
+twPwJpKd8AiUz+j3KCfgGU21qMbHNP3jEn3q9tkq0qcs/z7RCmU=
+=1WIq
+-----END PGP SIGNATURE-----
--- a/krb5-1.20.tar.gz
+++ b/krb5-1.20.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7e022bdd3c851830173f9faaa006a230a0e0fdad4c953e85bff4bf0da036e12f
-size 8660756
--- a/krb5-1.20.tar.gz.asc
+++ b/krb5-1.20.tar.gz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmKO3iYACgkQDLoIV1+D
-ct/OCxAAvGE7Qi/GMlft3t56wK4FwIwENHJ7cnDJw1tkah94zO3hytphYqvCMSu/
-9OnLOynuI/XEU518avHdk5eqWI0oe2XRLbAfXuXH0Uccyun2kP/H5Smvw2JVxiOO
-O5DhhMXvjB/ifpfK3u12RFSBHEZsxV79eeVAgQV3LPyokceHH3uOeAlMPYAgzmnp
-0drDTYIErmlxhUxGUWvVvckz5wOR8TXt4nKJ2+zixBeOYQu1WZ+WJLlc4nVG4e/I
-3otns5aYPPbPMSDq3BZeaUCYqjxMJ0LgqFRZMJGAAeE9HR3tmxhfUMpAQnQgc/MZ
-6Nf3rrCj5AETZ2CtiTcKoICEa6MDG4CYhGMIW9R+5eQke1Oq+V9NVu3RdaD0R4rq
-snMYk69zF/QhiSOK3ulRm+t8RHAquDimpFlpMinl0DbK5h+A/kgfC7fyfxEHe1dj
-H2vCj946LNS2OgqJ5WbV867Fk7+unP0AZ1cy3+hedODRjqNfcu1MuLhxs/e0eLy5
-MmBDSZtJc27IVEs1IUntBy14WuJt3csjGb0jzMnWrbDcjvWAGC5yV4b5HfvZvOt8
-E2HCVWMycTuNFZHgtITqvmb2tYOc9bSOYUCRp7clCn9vvFtAKKzZiGzUsnyshLqq
-N6a1sTudU9otnIR52+K5v1rLlChS2UlIek0Nj6ejlTcTk9Go6aw=
-=z5Ek
-----END PGP SIGNATURE-----
--- a/krb5-mini.changes
+++ b/krb5-mini.changes
@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Wed Nov 16 07:49:09 UTC 2022 - Samuel Cabrero <scabrero@suse.de>
+
+- Update to 1.20.1; (bsc#1205126); (CVE-2022-42898);
+  * Fix integer overflows in PAC parsing [CVE-2022-42898].
+  * Fix null deref in KDC when decoding invalid NDR.
+  * Fix memory leak in OTP kdcpreauth module.
+  * Fix PKCS11 module path search.
+
 -------------------------------------------------------------------
 Sun May 29 19:14:02 UTC 2022 - Dirk Müller <dmueller@suse.com>

--- a/krb5-mini.spec
+++ b/krb5-mini.spec
@ -24,7 +24,7 @@
  %define _fillupdir %{_localstatedir}/adm/fillup-templates
 %endif
 Name:           krb5-mini
-Version:        1.20
+Version:        1.20.1
 Release:        0
 Summary:        MIT Kerberos5 implementation and libraries with minimal dependencies
 License:        MIT
--- a/krb5.changes
+++ b/krb5.changes
@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Wed Nov 16 07:49:09 UTC 2022 - Samuel Cabrero <scabrero@suse.de>
+
+- Update to 1.20.1; (bsc#1205126); (CVE-2022-42898);
+  * Fix integer overflows in PAC parsing [CVE-2022-42898].
+  * Fix null deref in KDC when decoding invalid NDR.
+  * Fix memory leak in OTP kdcpreauth module.
+  * Fix PKCS11 module path search.
+
 -------------------------------------------------------------------
 Sun May 29 19:14:02 UTC 2022 - Dirk Müller <dmueller@suse.com>

--- a/krb5.spec
+++ b/krb5.spec
@ -21,7 +21,7 @@
  %define _fillupdir %{_localstatedir}/adm/fillup-templates
 %endif
 Name:           krb5
-Version:        1.20
+Version:        1.20.1
 Release:        0
 Summary:        MIT Kerberos5 implementation
 License:        MIT