Hello community, here is the log from the commit of package krb5-appl for openSUSE:11.4 checked in at Thu Dec 29 11:14:40 CET 2011.
-------- --- old-versions/11.4/UPDATES/all/krb5-appl/krb5-appl.changes 2011-07-06 15:43:55.000000000 +0200 +++ 11.4/krb5-appl/krb5-appl.changes 2011-12-28 19:11:50.000000000 +0100 @@ -1,0 +2,5 @@ +Wed Dec 28 19:11:34 CET 2011 - [email protected] + +- Fixed a remote code execution in ktelnetd (CVE-2011-4862 / bnc#738632) + +------------------------------------------------------------------- calling whatdependson for 11.4-i586 New: ---- krb5-appl-telnet-CVE-2011-4862.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ krb5-appl.spec ++++++ --- /var/tmp/diff_new_pack.rAACQ6/_old 2011-12-29 11:14:29.000000000 +0100 +++ /var/tmp/diff_new_pack.rAACQ6/_new 2011-12-29 11:14:29.000000000 +0100 @@ -26,7 +26,7 @@ Url: http://web.mit.edu/kerberos/www/ BuildRequires: bison krb5-devel libcom_err-devel ncurses-devel Version: 1.0 -Release: 7.<RELEASE10> +Release: 7.<RELEASE12> Summary: MIT Kerberos5 Implementation--Applications Group: Productivity/Networking/Security Source0: krb5-appl-1.0.tar.bz2 @@ -38,6 +38,7 @@ Patch3: krb5-appl-1.0-fix-path-in-manpages.dif Patch4: fix-telnet.dif Patch5: krb5-appl-MITKRB5-SA-2011-005.dif +Patch6: krb5-appl-telnet-CVE-2011-4862.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -113,9 +114,11 @@ %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 %build %{?suse_update_config:%{suse_update_config -f}} +autoconf ./autogen.sh CFLAGS="$RPM_OPT_FLAGS -I/usr/include/et -fpie" \ LDFLAGS="-pie " \ ++++++ fix-telnet.dif ++++++ --- /var/tmp/diff_new_pack.rAACQ6/_old 2011-12-29 11:14:29.000000000 +0100 +++ /var/tmp/diff_new_pack.rAACQ6/_new 2011-12-29 11:14:29.000000000 +0100 @@ -1,125 +1,3 @@ -Gemeinsame Unterverzeichnisse: krb5-appl-1.0//bsd und krb5-appl-1.0.1//bsd. -diff -u krb5-appl-1.0//configure krb5-appl-1.0.1//configure ---- krb5-appl-1.0//configure 2010-03-03 00:59:12.000000000 +0100 -+++ krb5-appl-1.0.1//configure 2010-05-22 14:17:15.000000000 +0200 -@@ -8840,9 +8840,7 @@ - - - -- -- --for ac_func in line_push logwtmp openpty ptsname revoke rmufile rresvport_af -+for ac_func in line_push ptsname revoke rmufile rresvport_af - do - as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` - { echo "$as_me:$LINENO: checking for $ac_func" >&5 -@@ -9330,6 +9328,106 @@ - done - - -+# Check for functions found in libutil. -+old_LIBS="$LIBS" -+LIBS="$UTIL_LIB $LIBS" -+ -+ -+for ac_func in logwtmp openpty -+do -+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -+{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -+if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then -+ echo $ECHO_N "(cached) $ECHO_C" >&6 -+else -+ cat >conftest.$ac_ext <<_ACEOF -+/* confdefs.h. */ -+_ACEOF -+cat confdefs.h >>conftest.$ac_ext -+cat >>conftest.$ac_ext <<_ACEOF -+/* end confdefs.h. */ -+/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func. -+ For example, HP-UX 11i <limits.h> declares gettimeofday. */ -+#define $ac_func innocuous_$ac_func -+ -+/* System header to define __stub macros and hopefully few prototypes, -+ which can conflict with char $ac_func (); below. -+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since -+ <limits.h> exists even on freestanding compilers. */ -+ -+#ifdef __STDC__ -+# include <limits.h> -+#else -+# include <assert.h> -+#endif -+ -+#undef $ac_func -+ -+/* Override any GCC internal prototype to avoid an error. -+ Use char because int might match the return type of a GCC -+ builtin and then its argument prototype would still apply. */ -+#ifdef __cplusplus -+extern "C" -+#endif -+char $ac_func (); -+/* The GNU C library defines this for functions which it implements -+ to always fail with ENOSYS. Some functions are actually named -+ something starting with __ and the normal name is an alias. */ -+#if defined __stub_$ac_func || defined __stub___$ac_func -+choke me -+#endif -+ -+int -+main () -+{ -+return $ac_func (); -+ ; -+ return 0; -+} -+_ACEOF -+rm -f conftest.$ac_objext conftest$ac_exeext -+if { (ac_try="$ac_link" -+case "(($ac_try" in -+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; -+ *) ac_try_echo=$ac_try;; -+esac -+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 -+ (eval "$ac_link") 2>conftest.er1 -+ ac_status=$? -+ grep -v '^ *+' conftest.er1 >conftest.err -+ rm -f conftest.er1 -+ cat conftest.err >&5 -+ echo "$as_me:$LINENO: \$? = $ac_status" >&5 -+ (exit $ac_status); } && { -+ test -z "$ac_c_werror_flag" || -+ test ! -s conftest.err -+ } && test -s conftest$ac_exeext && -+ $as_test_x conftest$ac_exeext; then -+ eval "$as_ac_var=yes" -+else -+ echo "$as_me: failed program was:" >&5 -+sed 's/^/| /' conftest.$ac_ext >&5 -+ -+ eval "$as_ac_var=no" -+fi -+ -+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ -+ conftest$ac_exeext conftest.$ac_ext -+fi -+ac_res=`eval echo '${'$as_ac_var'}'` -+ { echo "$as_me:$LINENO: result: $ac_res" >&5 -+echo "${ECHO_T}$ac_res" >&6; } -+if test `eval echo '${'$as_ac_var'}'` = yes; then -+ cat >>confdefs.h <<_ACEOF -+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -+_ACEOF -+ -+fi -+done -+ -+LIBS="$old_LIBS" -+ - # Determine which functions to define in libmissing. - - diff -u krb5-appl-1.0//configure.ac krb5-appl-1.0.1//configure.ac --- krb5-appl-1.0//configure.ac 2009-11-21 22:46:39.000000000 +0100 +++ krb5-appl-1.0.1//configure.ac 2010-05-22 14:08:50.000000000 +0200 ++++++ krb5-appl-telnet-CVE-2011-4862.patch ++++++ Index: krb5-appl/telnet/libtelnet/encrypt.c =================================================================== --- krb5-appl/telnet/libtelnet/encrypt.c +++ krb5-appl/telnet/libtelnet/encrypt.c @@ -755,6 +755,9 @@ static void encrypt_keyid(kp, keyid, len int dir = kp->dir; register int ret = 0; + if (len > MAXKEYLEN) + len = MAXKEYLEN; + if (!(ep = (*kp->getcrypt)(*kp->modep))) { if (len == 0) return; continue with "q"... Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
