Module Name: src
Committed By: martin
Date: Thu Jul 13 09:47:03 UTC 2017
Modified Files:
src/doc [netbsd-6-0]: CHANGES-6.0.7
Log Message:
Ticket #1461
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.98 -r1.1.2.99 src/doc/CHANGES-6.0.7
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-6.0.7
diff -u src/doc/CHANGES-6.0.7:1.1.2.98 src/doc/CHANGES-6.0.7:1.1.2.99
--- src/doc/CHANGES-6.0.7:1.1.2.98 Tue Jul 11 21:28:11 2017
+++ src/doc/CHANGES-6.0.7 Thu Jul 13 09:47:03 2017
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-6.0.7,v 1.1.2.98 2017/07/11 21:28:11 snj Exp $
+# $NetBSD: CHANGES-6.0.7,v 1.1.2.99 2017/07/13 09:47:03 martin Exp $
A complete list of changes from the NetBSD 6.0.6 release to the NetBSD 6.0.7
release:
@@ -12271,3 +12271,14 @@ xsrc/xfree/xc/programs/Xserver/Xi/sendex
Fix CVE-2017-10971 and CVE-2017-10972.
[mrg, ticket #1459]
+crypto/external/bsd/heimdal/dist/lib/krb5/ticket.c 1.3-1.4
+
+ In _krb5_extract_ticket() the KDC-REP service name must be
+ obtained from encrypted version stored in 'enc_part' instead
+ of the unencrypted version stored in 'ticket'.
+ Use of the unecrypted version provides an opportunity for
+ successful server impersonation and other attacks.
+
+ Identified by Jeffrey Altman, Viktor Duchovni and Nico Williams.
+ [christos, ticket #1461]
+
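Review bot: "unecrypted" in the added line "Use of the unecrypted version provides an opportunity for" is a typo for "unencrypted", and "obtained from encrypted version" two lines earlier is missing an article ("from the encrypted version"). The preceding entry (ticket #1459) names its CVE identifiers, while this entry describes a server impersonation issue in _krb5_extract_ticket() without one; if an identifier has been assigned, cite it here so readers can match the entry against advisories.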