Hello community,

here is the log from the commit of package krb5 for openSUSE:11.3
checked in at Thu Apr 14 16:24:26 CEST 2011.



--------
--- old-versions/11.3/UPDATES/all/krb5/krb5-mini.changes        2011-03-16 
08:58:09.000000000 +0100
+++ 11.3/krb5/krb5-mini.changes 2011-04-14 16:23:47.668890000 +0200
@@ -1,0 +2,7 @@
+Thu Apr 14 11:14:20 CEST 2011 - [email protected]
+
+- fix kadmind invalid pointer free()
+  (MITKRB5-SA-2011-004, bnc#687469)
+  CVE-2011-0285
+
+-------------------------------------------------------------------
krb5.changes: same change

calling whatdependson for 11.3-i586


New:
----
  krb5-1.8-MITKRB5-SA-2011-004.dif

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ krb5-doc.spec ++++++
--- /var/tmp/diff_new_pack.g6g0NN/_old  2011-04-14 16:24:05.000000000 +0200
+++ /var/tmp/diff_new_pack.g6g0NN/_new  2011-04-14 16:24:05.000000000 +0200
@@ -21,7 +21,7 @@
 Name:           krb5-doc
 BuildRequires:  ghostscript-library latex2html texlive
 Version:        1.8.1
-Release:        5.<RELEASE5>
+Release:        5.<RELEASE6>
 %define srcRoot krb5-1.8.1
 Summary:        MIT Kerberos5 Implementation--Documentation
 License:        MIT License (or similar)

++++++ krb5-mini.spec ++++++
--- /var/tmp/diff_new_pack.g6g0NN/_old  2011-04-14 16:24:05.000000000 +0200
+++ /var/tmp/diff_new_pack.g6g0NN/_new  2011-04-14 16:24:05.000000000 +0200
@@ -28,7 +28,7 @@
 BuildRequires:  bison libcom_err-devel ncurses-devel
 BuildRequires:  keyutils keyutils-devel
 Version:        1.8.1
-Release:        5.<RELEASE5>
+Release:        5.<RELEASE6>
 %if ! 0%{?build_mini}
 BuildRequires:  libopenssl-devel openldap2-devel
 # bug437293
@@ -63,6 +63,7 @@
 Patch14:        krb5-1.8-MITKRB5-SA-2011-001.dif
 Patch15:        krb5-1.8-MITKRB5-SA-2011-002.dif
 Patch16:        krb5-1.8-MITKRB5-SA-2011-003.dif
+Patch17:        krb5-1.8-MITKRB5-SA-2011-004.dif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         mktemp, grep, /bin/touch, coreutils
 PreReq:         %insserv_prereq %fillup_prereq 
@@ -218,6 +219,7 @@
 %patch14 -p1
 %patch15 -p0
 %patch16 -p1
+%patch17 -p1
 # Rename the man pages so that they'll get generated correctly.
 pushd src
 cat %{SOURCE10} | while read manpage ; do

++++++ krb5.spec ++++++
--- /var/tmp/diff_new_pack.g6g0NN/_old  2011-04-14 16:24:05.000000000 +0200
+++ /var/tmp/diff_new_pack.g6g0NN/_new  2011-04-14 16:24:05.000000000 +0200
@@ -28,7 +28,7 @@
 BuildRequires:  bison libcom_err-devel ncurses-devel
 BuildRequires:  keyutils keyutils-devel
 Version:        1.8.1
-Release:        5.<RELEASE7>
+Release:        5.<RELEASE9>
 %if ! 0%{?build_mini}
 BuildRequires:  libopenssl-devel openldap2-devel
 # bug437293
@@ -63,6 +63,7 @@
 Patch14:        krb5-1.8-MITKRB5-SA-2011-001.dif
 Patch15:        krb5-1.8-MITKRB5-SA-2011-002.dif
 Patch16:        krb5-1.8-MITKRB5-SA-2011-003.dif
+Patch17:        krb5-1.8-MITKRB5-SA-2011-004.dif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         mktemp, grep, /bin/touch, coreutils
 PreReq:         %insserv_prereq %fillup_prereq 
@@ -218,6 +219,7 @@
 %patch14 -p1
 %patch15 -p0
 %patch16 -p1
+%patch17 -p1
 # Rename the man pages so that they'll get generated correctly.
 pushd src
 cat %{SOURCE10} | while read manpage ; do

++++++ krb5-1.8-MITKRB5-SA-2011-004.dif ++++++
diff --git a/src/kadmin/server/network.c b/src/kadmin/server/network.c
index c8ce4f1..bb911ff 100644
--- a/src/kadmin/server/network.c
+++ b/src/kadmin/server/network.c
@@ -1384,6 +1384,10 @@ cleanup:
     if (local_kaddrs != NULL)
         krb5_free_addresses(server_handle->context, local_kaddrs);
 
+    if ((*response)->data == NULL) {
+        free(*response);
+        *response = NULL;
+    }
     krb5_kt_close(server_handle->context, kt);
 
     return ret;
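Review bot: The added check under `cleanup:` dereferences `*response` without first testing it for NULL, so any path that reaches the label before the response structure was allocated would crash kadmind instead of returning an error. The function starts outside this hunk, so I cannot confirm whether such a path exists; if it does, the guard should read `if (*response != NULL && (*response)->data == NULL) {`. A short comment above the block would also help the next reader, e.g. `/* No reply data was produced: free the empty response and hand back NULL. */`.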
diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c
index c1b2217..992b55f 100644
--- a/src/kadmin/server/schpw.c
+++ b/src/kadmin/server/schpw.c
@@ -74,8 +74,13 @@ process_chpw_request(context, server_handle, realm, keytab,
     plen = (*ptr++ & 0xff);
     plen = (plen<<8) | (*ptr++ & 0xff);
 
-    if (plen != req->length)
-        return(KRB5KRB_AP_ERR_MODIFIED);
+    if (plen != req->length) {
+        ret = KRB5KRB_AP_ERR_MODIFIED;
+        numresult = KRB5_KPASSWD_MALFORMED;
+        strlcpy(strresult, "Request length was inconsistent",
+                sizeof(strresult));
+        goto chpwfail;
+    }
 
     /* verify version number */
 
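Review bot: The new `goto chpwfail` is taken before anything past the length field has been parsed, so the code at `chpwfail:` may only touch locals that are already initialised at this point. Both the start of `process_chpw_request` and that label are outside the hunk, so this cannot be checked here; any state the failure path frees or inspects should be zero-initialised before this check. `sizeof(strresult)` is also a correct bound for `strlcpy` only if `strresult` is declared as an array rather than a pointer, which the hunk does not show. A one-line comment such as `/* length mismatch: fail via chpwfail rather than returning directly */` would record why the early return was replaced.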

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Remember to have fun...
