Hello community,

here is the log from the commit of package krb5-appl for openSUSE:11.3
checked in at Thu Dec 29 11:14:24 CET 2011.



--------
--- old-versions/11.3/UPDATES/all/krb5-appl/krb5-appl.changes   2011-07-06 
15:42:47.000000000 +0200
+++ 11.3/krb5-appl/krb5-appl.changes    2011-12-28 19:11:14.000000000 +0100
@@ -1,0 +2,5 @@
+Wed Dec 28 19:10:32 CET 2011 - [email protected]
+
+- Fixed a remote code execution in ktelnetd (CVE-2011-4862 / bnc#738632)
+
+-------------------------------------------------------------------
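Review bot: The new changelog entry names the CVE and the bug number but not the patch file that carries the fix. Mentioning krb5-appl-telnet-CVE-2011-4862.patch in the entry would let someone reading the .changes file alone map the advisory to the change in the package.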

calling whatdependson for 11.3-i586


New:
----
  krb5-appl-telnet-CVE-2011-4862.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ krb5-appl.spec ++++++
--- /var/tmp/diff_new_pack.kK1ObD/_old  2011-12-29 11:14:05.000000000 +0100
+++ /var/tmp/diff_new_pack.kK1ObD/_new  2011-12-29 11:14:05.000000000 +0100
@@ -26,7 +26,7 @@
 Url:            http://web.mit.edu/kerberos/www/
 BuildRequires:  bison krb5-devel libcom_err-devel ncurses-devel
 Version:        1.0
-Release:        4.<RELEASE2>
+Release:        4.<RELEASE5>
 Summary:        MIT Kerberos5 Implementation--Applications
 Group:          Productivity/Networking/Security
 Source0:        krb5-appl-1.0.tar.bz2
@@ -37,6 +37,7 @@
 Patch2:         krb5-appl-1.0-fix-var-used-before-value-set.dif
 Patch3:         krb5-appl-1.0-fix-path-in-manpages.dif
 Patch4:         krb5-appl-MITKRB5-SA-2011-005.dif
+Patch5:         krb5-appl-telnet-CVE-2011-4862.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
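Review bot: Patch5 uses a .patch suffix while Patch2 through Patch4 in the same list use .dif. This is harmless for the build, but keeping one suffix per package makes the patch list easier to scan and to glob.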
@@ -111,6 +112,7 @@
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
 
 %build
 %{?suse_update_config:%{suse_update_config -f}}

++++++ krb5-appl-telnet-CVE-2011-4862.patch ++++++
Index: krb5-appl/telnet/libtelnet/encrypt.c
===================================================================
--- krb5-appl/telnet/libtelnet/encrypt.c
+++ krb5-appl/telnet/libtelnet/encrypt.c
@@ -755,6 +755,9 @@ static void encrypt_keyid(kp, keyid, len
        int dir = kp->dir;
        register int ret = 0;
 
+       if (len > MAXKEYLEN)
+               len = MAXKEYLEN;
+
        if (!(ep = (*kp->getcrypt)(*kp->modep))) {
                if (len == 0)
                        return;
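Review bot: The added check `if (len > MAXKEYLEN)` at the top of encrypt_keyid bounds len only from above. The parameter declaration is outside this hunk (the hunk header shows an old-style definition, `encrypt_keyid(kp, keyid, len`), so if len is a signed int a negative value would pass through unclamped. Please confirm that callers can only pass a non-negative count, or handle `len < 0` here as well. The clamp also silently truncates an over-long key id rather than refusing it; since the changelog describes this as a remote code execution fix, consider returning early or logging when the limit is exceeded, and add a short comment saying which buffer MAXKEYLEN protects. Placing the check before the `getcrypt` lookup is right, since it then applies to both branches that follow.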



Remember to have fun...
