diff options
author | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2019-03-11 10:38:28 +0000 |
---|---|---|
committer | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2019-03-11 10:38:28 +0000 |
commit | bb3c293a86c9ad9e1f80fb1a35fbf216e7b54b5f (patch) | |
tree | 0f96d6dbc94715d0e18b408905a108c09b9d4e1d /user/heimdal/CVE-2017-17439.patch | |
parent | 00aa49a062ccc758c333353409d4e4c0065a2482 (diff) | |
download | packages-bb3c293a86c9ad9e1f80fb1a35fbf216e7b54b5f.tar.gz packages-bb3c293a86c9ad9e1f80fb1a35fbf216e7b54b5f.tar.bz2 packages-bb3c293a86c9ad9e1f80fb1a35fbf216e7b54b5f.tar.xz packages-bb3c293a86c9ad9e1f80fb1a35fbf216e7b54b5f.zip |
user/heimdal: move to legacy/
Diffstat (limited to 'user/heimdal/CVE-2017-17439.patch')
-rw-r--r-- | user/heimdal/CVE-2017-17439.patch | 45 |
1 files changed, 0 insertions, 45 deletions
diff --git a/user/heimdal/CVE-2017-17439.patch b/user/heimdal/CVE-2017-17439.patch deleted file mode 100644 index 8c3273971..000000000 --- a/user/heimdal/CVE-2017-17439.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 749d377fa357351a7bbba51f8aae72cdf0629592 Mon Sep 17 00:00:00 2001 -From: Viktor Dukhovni <viktor@twosigma.com> -Date: Tue, 5 Dec 2017 18:49:50 -0500 -Subject: [PATCH] Security: Avoid NULL structure pointer member dereference - -This can happen in the error path when processing malformed AS -requests with a NULL client name. Bug originally introduced on -Fri Feb 13 09:26:01 2015 +0100 in commit: - - a873e21d7c06f22943a90a41dc733ae76799390d - - kdc: base _kdc_fast_mk_error() on krb5_mk_error_ext() - -Original patch by Jeffrey Altman <jaltman@secure-endpoints.com> - -(cherry picked from commit 1a6a6e462dc2ac6111f9e02c6852ddec4849b887) ---- - kdc/kerberos5.c | 8 +++++--- - 1 file changed, 5 insertions(+), 3 deletions(-) - -diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c -index 95a74927f7..675b406b82 100644 ---- a/kdc/kerberos5.c -+++ b/kdc/kerberos5.c -@@ -2226,15 +2226,17 @@ _kdc_as_rep(kdc_request_t r, - /* - * In case of a non proxy error, build an error message. - */ -- if(ret != 0 && ret != HDB_ERR_NOT_FOUND_HERE && reply->length == 0) { -+ if (ret != 0 && ret != HDB_ERR_NOT_FOUND_HERE && reply->length == 0) { - ret = _kdc_fast_mk_error(context, r, - &error_method, - r->armor_crypto, - &req->req_body, - ret, r->e_text, - r->server_princ, -- &r->client_princ->name, -- &r->client_princ->realm, -+ r->client_princ ? -+ &r->client_princ->name : NULL, -+ r->client_princ ? -+ &r->client_princ->realm : NULL, - NULL, NULL, - reply); - if (ret) |