- Update to version 7.5.0
- Security
- Fix CVE-2017-17439, which is a remote denial of service
vulnerability:
In Heimdal 7.1 through 7.4, remote unauthenticated attackers
are able to crash the KDC by sending a crafted UDP packet
containing empty data fields for client name or realm.
- Bug fixes
- Handle long input lines when reloading database dumps.
- In pre-forked mode (default on Unix), correctly clear the
process ids of exited children, allowing new child processes
to replace the old.
- Fixed incorrect KDC response when no-cross realm TGT exists,
allowing client requests to fail quickly rather than time
out after trying to get a correct answer from each KDC.
- Fixed heimdal-patched.diff.
- Removed Avoid_NULL_structure_pointer_member_dereference.patch,
fixed upstream.
OBS-URL: https://build.opensuse.org/request/show/560558
OBS-URL: https://build.opensuse.org/package/show/network/libheimdal?expand=0&rev=19
- Added a patched instead of the original tarball because only
shared libraries will be build and source files of these (not to
be build) programs have problematic licenses.
- Added script heimdal-patch-source.sh to sources.
- Added patch heimdal-patched.diff that fixes configure.ac and
several Makefile.am files to successfully build patched source.
- Removed unneeded dependencies in spec file for build.
OBS-URL: https://build.opensuse.org/request/show/329265
OBS-URL: https://build.opensuse.org/package/show/network/libheimdal?expand=0&rev=7
