rpms/krb5
6
0
Fork 0
Code Issues Pull Requests Releases Activity

- libgssapi_krb5: backport fix for some errors which can occur when we fail

Browse Source 
to set up the server half of a context (CVE-2009-0845)
This commit is contained in:
Nalin Dahyabhai 2009-03-17 22:26:27 +00:00
parent 78b02cd911
commit 434cefd85a
2 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
krb5-1.6.3-spnego-crash.patch Normal file
View File

@ -0,0 +1,16 @@
Upstream change #22099, triggered by report from Marcus Granado, fix by Tom Yu.
In a nutshell, when return_token is neither NO_TOKEN_SEND nor CHECK_MIC, we
might still not want a reply token, for example if it's ERROR_TOKEN_SEND.
diff -up src/lib/gssapi/spnego/spnego_mech.c src/lib/gssapi/spnego/spnego_mech.c
--- src/lib/gssapi/spnego/spnego_mech.c 2009-03-17 16:47:10.000000000 -0400
+++ src/lib/gssapi/spnego/spnego_mech.c 2009-03-17 16:47:14.000000000 -0400
@@ -1248,7 +1248,8 @@ spnego_gss_accept_sec_context(void *ct,
&negState, &return_token);
}
cleanup:
- if (return_token != NO_TOKEN_SEND && return_token != CHECK_MIC) {
+ if (return_token == INIT_TOKEN_SEND ||
+ return_token == CONT_TOKEN_SEND) {
tmpret = make_spnego_tokenTarg_msg(negState, sc->internal_mech,
&mechtok_out, mic_out,
return_token,

8
krb5.spec
View File

@ -16,7 +16,7 @@
Summary: The Kerberos network authentication system. Summary: The Kerberos network authentication system.
Name: krb5 Name: krb5
Version: 1.6.3 Version: 1.6.3
Release: 18%{?dist} Release: 19%{?dist}
# Maybe we should explode from the now-available-to-everybody tarball instead? # Maybe we should explode from the now-available-to-everybody tarball instead?
# http://web.mit.edu/kerberos/dist/krb5/1.6/krb5-1.6.2-signed.tar # http://web.mit.edu/kerberos/dist/krb5/1.6/krb5-1.6.2-signed.tar
Source0: krb5-%{version}.tar.gz Source0: krb5-%{version}.tar.gz
@ -102,6 +102,7 @@ Patch77: krb5-CVE-2007-5971.patch
Patch78: krb5-1.6.3-lucid-acceptor.patch Patch78: krb5-1.6.3-lucid-acceptor.patch
Patch79: krb5-trunk-ftp_mget_case.patch Patch79: krb5-trunk-ftp_mget_case.patch
Patch80: krb5-trunk-preauth-master.patch Patch80: krb5-trunk-preauth-master.patch
Patch81: krb5-1.6.3-spnego-crash.patch
License: MIT License: MIT
URL: http://web.mit.edu/kerberos/www/ URL: http://web.mit.edu/kerberos/www/
@ -232,6 +233,10 @@ to obtain initial credentials from a KDC using a private key and a
certificate. certificate.
%changelog %changelog
* Tue Mar 17 2009 Nalin Dahyabhai <nalin@redhat.com> 1.6.3-19
- libgssapi_krb5: backport fix for some errors which can occur when
we fail to set up the server half of a context (CVE-2009-0845)
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.3-18 * Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.3-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
@ -1396,6 +1401,7 @@ popd
%patch78 -p0 -b .lucid_acceptor %patch78 -p0 -b .lucid_acceptor
%patch79 -p0 -b .ftp_mget_case %patch79 -p0 -b .ftp_mget_case
%patch80 -p0 -b .preauth_master %patch80 -p0 -b .preauth_master
%patch81 -p0 -b .spnego-crash
cp src/krb524/README README.krb524 cp src/krb524/README README.krb524
gzip doc/*.ps gzip doc/*.ps