- Fix vulnerability to a double-free condition in KDC daemon

(MITKRB5-SA-2011-003, bnc#671717)
  CVE-2011-0284

- Fix vulnerability to a double-free condition in KDC daemon
  (MITKRB5-SA-2011-003, bnc#671717)
  CVE-2011-0284

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=41

krb5-1.8-MITKRB5-SA-2011-003.dif

@@ -0,0 +1,13 @@
+Index: krb5-1.8.1/src/kdc/do_as_req.c
+===================================================================
+--- krb5-1.8.1.orig/src/kdc/do_as_req.c
++++ krb5-1.8.1/src/kdc/do_as_req.c
+@@ -784,6 +784,8 @@ prepare_error_as (struct kdc_request_sta
+                     pad->contents = td[size]->data;
+                     pad->length = td[size]->length;
+                     pa[size] = pad;
++                    td[size]->data = NULL;
++                    td[size]->length = 0;
+                 }
+             krb5_free_typed_data(kdc_context, td);
+         }

krb5-doc.spec

@@ -1,7 +1,7 @@
 #
-# spec file for package krb5-doc (Version 1.8.3)
+# spec file for package krb5-doc
 #
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -21,7 +21,7 @@
 Name:           krb5-doc
 BuildRequires:  ghostscript-library latex2html texlive
 Version:        1.8.3
-Release:        3
+Release:        4
 %define srcRoot krb5-1.8.3
 Summary:        MIT Kerberos5 Implementation--Documentation
 License:        MIT License (or similar)

krb5-mini.changes

@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue Mar  1 12:43:22 CET 2011 - mc@suse.de
+
+- Fix vulnerability to a double-free condition in KDC daemon
+  (MITKRB5-SA-2011-003, bnc#671717)
+  CVE-2011-0284
+
 -------------------------------------------------------------------
 Wed Jan 19 14:42:27 CET 2011 - mc@suse.de
 

krb5-mini.spec

@@ -1,7 +1,7 @@
 #
-# spec file for package krb5 (Version 1.8.3)
+# spec file for package krb5
 #
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -28,7 +28,7 @@ Url:            http://web.mit.edu/kerberos/www/
 BuildRequires:  bison libcom_err-devel ncurses-devel
 BuildRequires:  keyutils keyutils-devel
 Version:        1.8.3
-Release:        3
+Release:        4
 %if ! 0%{?build_mini}
 BuildRequires:  libopenssl-devel openldap2-devel
 # bug437293
@@ -59,6 +59,7 @@ Patch12:        krb5-1.8-MITKRB5-SA-2010-006.dif
 Patch13:        MITKRB5-SA-2010-007-1.8.dif
 Patch14:        krb5-1.8-MITKRB5-SA-2011-001.dif
 Patch15:        krb5-1.8-MITKRB5-SA-2011-002.dif
+Patch16:        krb5-1.8-MITKRB5-SA-2011-003.dif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         mktemp, grep, /bin/touch, coreutils
 PreReq:         %insserv_prereq %fillup_prereq 
@@ -210,6 +211,7 @@ Authors:
 %patch13 -p1
 %patch14 -p1
 %patch15 -p0
+%patch16 -p1
 # Rename the man pages so that they'll get generated correctly.
 pushd src
 cat %{SOURCE10} | while read manpage ; do

krb5.changes

@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue Mar  1 12:43:22 CET 2011 - mc@suse.de
+
+- Fix vulnerability to a double-free condition in KDC daemon
+  (MITKRB5-SA-2011-003, bnc#671717)
+  CVE-2011-0284
+
 -------------------------------------------------------------------
 Wed Jan 19 14:42:27 CET 2011 - mc@suse.de
 

krb5.spec

@@ -1,7 +1,7 @@
 #
-# spec file for package krb5 (Version 1.8.3)
+# spec file for package krb5
 #
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -28,7 +28,7 @@ Url:            http://web.mit.edu/kerberos/www/
 BuildRequires:  bison libcom_err-devel ncurses-devel
 BuildRequires:  keyutils keyutils-devel
 Version:        1.8.3
-Release:        3
+Release:        4
 %if ! 0%{?build_mini}
 BuildRequires:  libopenssl-devel openldap2-devel
 # bug437293
@@ -59,6 +59,7 @@ Patch12:        krb5-1.8-MITKRB5-SA-2010-006.dif
 Patch13:        MITKRB5-SA-2010-007-1.8.dif
 Patch14:        krb5-1.8-MITKRB5-SA-2011-001.dif
 Patch15:        krb5-1.8-MITKRB5-SA-2011-002.dif
+Patch16:        krb5-1.8-MITKRB5-SA-2011-003.dif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         mktemp, grep, /bin/touch, coreutils
 PreReq:         %insserv_prereq %fillup_prereq 
@@ -210,6 +211,7 @@ Authors:
 %patch13 -p1
 %patch14 -p1
 %patch15 -p0
+%patch16 -p1
 # Rename the man pages so that they'll get generated correctly.
 pushd src
 cat %{SOURCE10} | while read manpage ; do