From 544cfdcdbc58c7881e7c566985f1d793d7a6a7713e9d36e3de3209b89aeae7a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Lorenzen?= Date: Fri, 29 Dec 2017 13:46:40 +0000 Subject: [PATCH] Accepting request 560558 from home:enzokiel:branches:network - Update to version 7.5.0 - Security - Fix CVE-2017-17439, which is a remote denial of service vulnerability: In Heimdal 7.1 through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. - Bug fixes - Handle long input lines when reloading database dumps. - In pre-forked mode (default on Unix), correctly clear the process ids of exited children, allowing new child processes to replace the old. - Fixed incorrect KDC response when no-cross realm TGT exists, allowing client requests to fail quickly rather than time out after trying to get a correct answer from each KDC. - Fixed heimdal-patched.diff. - Removed Avoid_NULL_structure_pointer_member_dereference.patch, fixed upstream. OBS-URL: https://build.opensuse.org/request/show/560558 OBS-URL: https://build.opensuse.org/package/show/network/libheimdal?expand=0&rev=19 --- ...structure_pointer_member_dereference.patch | 23 ------------------- heimdal-7.4.0-patched.tar.bz2 | 3 --- heimdal-7.5.0-patched.tar.bz2 | 3 +++ heimdal-patched.diff | 2 +- libheimdal.changes | 22 ++++++++++++++++++ libheimdal.spec | 4 +--- 6 files changed, 27 insertions(+), 30 deletions(-) delete mode 100644 Avoid_NULL_structure_pointer_member_dereference.patch delete mode 100644 heimdal-7.4.0-patched.tar.bz2 create mode 100644 heimdal-7.5.0-patched.tar.bz2 diff --git a/Avoid_NULL_structure_pointer_member_dereference.patch b/Avoid_NULL_structure_pointer_member_dereference.patch deleted file mode 100644 index d207163..0000000 --- a/Avoid_NULL_structure_pointer_member_dereference.patch +++ /dev/null @@ -1,23 +0,0 @@ ---- kdc/kerberos5.c.orig -+++ kdc/kerberos5.c -@@ -2226,15 +2226,17 @@ - /* - * In case of a non proxy error, build an error message. - */ -- if(ret != 0 && ret != HDB_ERR_NOT_FOUND_HERE && reply->length == 0) { -+ if (ret != 0 && ret != HDB_ERR_NOT_FOUND_HERE && reply->length == 0) { - ret = _kdc_fast_mk_error(context, r, - &error_method, - r->armor_crypto, - &req->req_body, - ret, r->e_text, - r->server_princ, -- &r->client_princ->name, -- &r->client_princ->realm, -+ r->client_princ ? -+ &r->client_princ->name : NULL, -+ r->client_princ ? -+ &r->client_princ->realm : NULL, - NULL, NULL, - reply); - if (ret) diff --git a/heimdal-7.4.0-patched.tar.bz2 b/heimdal-7.4.0-patched.tar.bz2 deleted file mode 100644 index 6f07ae1..0000000 --- a/heimdal-7.4.0-patched.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f49a302ab803b536dbc2c1c0e33d9b35ab859fc8e8785908d7e1cb1a78afabe0 -size 7457572 diff --git a/heimdal-7.5.0-patched.tar.bz2 b/heimdal-7.5.0-patched.tar.bz2 new file mode 100644 index 0000000..3455328 --- /dev/null +++ b/heimdal-7.5.0-patched.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:2a77570b72566f4dcc67c6d159017eb2baf927995441fea3a872f527e8089328 +size 7632037 diff --git a/heimdal-patched.diff b/heimdal-patched.diff index d93ab2a..6a1819b 100644 --- a/heimdal-patched.diff +++ b/heimdal-patched.diff @@ -4,7 +4,7 @@ diff -uNr heimdal-7.3.0/configure.ac heimdal-7.3.0-patched/configure.ac @@ -3,7 +3,6 @@ AC_PREREQ(2.62) test -z "$CFLAGS" && CFLAGS="-g" - AC_INIT([Heimdal],[7.4.0],[https://github.com/heimdal/heimdal/issues]) + AC_INIT([Heimdal],[7.5.0],[https://github.com/heimdal/heimdal/issues]) -AC_CONFIG_SRCDIR([kuser/kinit.c]) AC_CONFIG_HEADERS(include/config.h) AC_CONFIG_MACRO_DIR([cf]) diff --git a/libheimdal.changes b/libheimdal.changes index 0447631..0e2e720 100644 --- a/libheimdal.changes +++ b/libheimdal.changes @@ -1,3 +1,25 @@ +------------------------------------------------------------------- +Fri Dec 29 13:16:21 UTC 2017 - joerg.lorenzen@ki.tng.de + +- Update to version 7.5.0 + - Security + - Fix CVE-2017-17439, which is a remote denial of service + vulnerability: + In Heimdal 7.1 through 7.4, remote unauthenticated attackers + are able to crash the KDC by sending a crafted UDP packet + containing empty data fields for client name or realm. + - Bug fixes + - Handle long input lines when reloading database dumps. + - In pre-forked mode (default on Unix), correctly clear the + process ids of exited children, allowing new child processes + to replace the old. + - Fixed incorrect KDC response when no-cross realm TGT exists, + allowing client requests to fail quickly rather than time + out after trying to get a correct answer from each KDC. +- Fixed heimdal-patched.diff. +- Removed Avoid_NULL_structure_pointer_member_dereference.patch, + fixed upstream. + ------------------------------------------------------------------- Thu Dec 07 15:17:23 UTC 2017 - joerg.lorenzen@ki.tng.de diff --git a/libheimdal.spec b/libheimdal.spec index 43e2ac9..ea4882a 100644 --- a/libheimdal.spec +++ b/libheimdal.spec @@ -20,7 +20,7 @@ Name: libheimdal Summary: The Heimdal implementation of the Kerberos 5 protocol License: BSD-3-Clause Group: Productivity/Networking/Security -Version: 7.4.0 +Version: 7.5.0 Release: 0 Url: http://www.h5l.org # patched source can be created with script heimdal-patch-source.sh: @@ -28,7 +28,6 @@ Url: http://www.h5l.org Source0: heimdal-%{version}-patched.tar.bz2 Source2: heimdal-patch-source.sh Patch0: heimdal-patched.diff -Patch1: Avoid_NULL_structure_pointer_member_dereference.patch %if 0%{?sles_version} == 11 BuildRequires: libcom_err-devel BuildRequires: sqlite3-devel @@ -99,7 +98,6 @@ libraries are required by 64-bit package of ICAClient version 13.2. %prep %setup -q -n heimdal-%{version} %patch0 -p1 -%patch1 -p0 %build autoreconf -fi