rpm/krb5
SHA256
1
0
Fork 0
forked from pool/krb5
Code Pull Requests Activity

Accepting request 50195 from network

Browse Source 
checked in (request 50195)

OBS-URL: https://build.opensuse.org/request/show/50195
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=28
This commit is contained in:
OBS User autobuild 2010-10-11 09:50:02 +00:00 committed by Git OBS Bridge
parent 9482246780
commit 74e4ec3b00
5 changed files with 1 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
krb5-1.8-MITKRB5-SA-2010-006.dif
View File

@ -1,33 +0,0 @@
Index: krb5-1.8.1/src/kdc/kdc_authdata.c
===================================================================
--- krb5-1.8.1.orig/src/kdc/kdc_authdata.c
+++ krb5-1.8.1/src/kdc/kdc_authdata.c
@@ -495,7 +495,7 @@ merge_authdata (krb5_context context,
krb5_boolean copy,
krb5_boolean ignore_kdc_issued)
{
- size_t i, nadata = 0;
+ size_t i, j, nadata = 0;
krb5_authdata **authdata = *out_authdata;
if (in_authdata == NULL || in_authdata[0] == NULL)
@@ -529,16 +529,16 @@ merge_authdata (krb5_context context,
in_authdata = tmp;
}
- for (i = 0; in_authdata[i] != NULL; i++) {
+ for (i = 0, j = 0; in_authdata[i] != NULL; i++) {
if (ignore_kdc_issued &&
is_kdc_issued_authdatum(context, in_authdata[i], 0)) {
free(in_authdata[i]->contents);
free(in_authdata[i]);
} else
- authdata[nadata + i] = in_authdata[i];
+ authdata[nadata + j++] = in_authdata[i];
}
- authdata[nadata + i] = NULL;
+ authdata[nadata + j] = NULL;
free(in_authdata);

7
krb5-mini.changes
View File

@ -1,10 +1,3 @@
-------------------------------------------------------------------
Mon Sep 27 11:42:43 CEST 2010 - mc@suse.de
- fix a dereference of an uninitialized pointer while processing
authorization data.
CVE-2010-1322, MITKRB5-SA-2010-006 (bnc#640990)
-------------------------------------------------------------------
Mon Jun 21 21:31:53 UTC 2010 - lchiquitto@novell.com

4
krb5-mini.spec
View File

@ -1,5 +1,5 @@
#
# spec file for package krb5 (Version 1.8.1)
# spec file for package krb5-mini (Version 1.8.1)
#
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@ -58,7 +58,6 @@ Patch8: krb5-1.6.3-fix-ipv6-query.dif
Patch9: krb5-1.7-MITKRB5-SA-2010-004.dif
Patch10: krb5-MITKRB5-SA-2010-005.dif
Patch11: krb5-1.8.1-gssapi-error-table.dif
Patch12: krb5-1.8-MITKRB5-SA-2010-006.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: mktemp, grep, /bin/touch, coreutils
PreReq: %insserv_prereq %fillup_prereq
@ -209,7 +208,6 @@ Authors:
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
# Rename the man pages so that they'll get generated correctly.
pushd src
cat %{SOURCE10} | while read manpage ; do

7
krb5.changes
View File

@ -1,10 +1,3 @@
-------------------------------------------------------------------
Mon Sep 27 11:42:43 CEST 2010 - mc@suse.de
- fix a dereference of an uninitialized pointer while processing
authorization data.
CVE-2010-1322, MITKRB5-SA-2010-006 (bnc#640990)
-------------------------------------------------------------------
Mon Jun 21 21:31:53 UTC 2010 - lchiquitto@novell.com

2
krb5.spec
View File

@ -58,7 +58,6 @@ Patch8: krb5-1.6.3-fix-ipv6-query.dif
Patch9: krb5-1.7-MITKRB5-SA-2010-004.dif
Patch10: krb5-MITKRB5-SA-2010-005.dif
Patch11: krb5-1.8.1-gssapi-error-table.dif
Patch12: krb5-1.8-MITKRB5-SA-2010-006.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: mktemp, grep, /bin/touch, coreutils
PreReq: %insserv_prereq %fillup_prereq
@ -209,7 +208,6 @@ Authors:
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
# Rename the man pages so that they'll get generated correctly.
pushd src
cat %{SOURCE10} | while read manpage ; do