Here is a patch extracted from DSA-1247-1:
--- libapache-mod-auth-kerb-4.996-5.0-rc6.orig/spnegokrb5/der_get.c
+++ libapache-mod-auth-kerb-4.996-5.0-rc6/spnegokrb5/der_get.c
@@ -151,7 +151,7 @@
if (len < 1)
return ASN1_OVERRUN;
- data->components = malloc(len * sizeof(*data->components));
+ data->components = malloc((len + 1) * sizeof(*data->components));
if (data->components == NULL && len != 0)
return ENOMEM;
data->components[0] = (*p) / 40;
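Review bot: The new size expression `(len + 1) * sizeof(*data->components)` is computed without a wraparound check, and `len` appears to come from the encoded input. If `len` is not already bounded by the caller (not visible here), a very large value could wrap the multiplication and give an allocation smaller than the writes that start at `data->components[0]` expect. A guard before the `malloc` would close this, e.g. `if (len > SIZE_MAX / sizeof(*data->components) - 1) return ASN1_OVERRUN;`, assuming `len` is a `size_t`. Separately, the `&& len != 0` in the NULL check can never be false after the `len < 1` return above it, so it could be reduced to `if (data->components == NULL)`. The function body starts and ends outside this hunk, so the loop that fills the remaining components should be checked against the new `len + 1` bound as well.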
--
remote heap buffer overflow DoS/code exec
https://launchpad.net/bugs/78486