- add upstream patch for KDC crash during referral processing

(CVE-2009-3295), via Tom Yu
2010-01-04 15:56:24 +00:00 · 2010-01-04 15:56:24 +00:00 · 795e5e14a6
commit 795e5e14a6
parent a019df8a50
2 changed files with 34 additions and 1 deletions
--- a/2009-003-patch.txt
+++ b/2009-003-patch.txt
@ -0,0 +1,27 @@
+diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c
+index 298e132..12180ff 100644
+--- a/src/kdc/do_tgs_req.c
+++ b/src/kdc/do_tgs_req.c
+@@ -1158,7 +1158,7 @@ prep_reprocess_req(krb5_kdc_req *request, krb5_principal *krbtgt_princ)
+             free(temp_buf);
+             if (retval) {
+                 /* no match found */
+-                kdc_err(kdc_context, retval, 0);
+                kdc_err(kdc_context, retval, "unable to find realm of host");
+                 goto cleanup;
+             }
+             if (realms == 0) {
+diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c
+index efff818..ef3735a 100644
+--- a/src/lib/kadm5/logger.c
+++ b/src/lib/kadm5/logger.c
+@@ -188,6 +188,9 @@ klog_com_err_proc(const char *whoami, long int code, const char *format, va_list
+     char	*cp;
+     char	*syslogp;
+ 
+    if (whoami == NULL || format == NULL)
+        return;
+
+     /* Make the header */
+     snprintf(outbuf, sizeof(outbuf), "%s: ", whoami);
+     /*
--- a/krb5.spec
+++ b/krb5.spec
@ -10,7 +10,7 @@
 Summary: The Kerberos network authentication system
 Name: krb5
 Version: 1.7
-Release: 14%{?dist}
+Release: 15%{?dist}
 # Maybe we should explode from the now-available-to-everybody tarball instead?
 # http://web.mit.edu/kerberos/dist/krb5/1.7/krb5-1.7-signed.tar
 Source0: krb5-%{version}.tar.gz
@ -80,6 +80,7 @@ Patch88: krb5-1.7-sizeof.patch
 Patch89: krb5-1.7-largefile.patch
 Patch90: krb5-1.7-openssl-1.0.patch
 Patch91: krb5-1.7-spnego-deleg.patch
+Patch92: http://web.mit.edu/kerberos/advisories/2009-003-patch.txt

 License: MIT
 URL: http://web.mit.edu/kerberos/www/
@ -216,6 +217,10 @@ to obtain initial credentials from a KDC using a private key and a
 certificate.

 %changelog
+* Mon Jan  4 2010 Nalin Dahyabhai <nalin@redhat.com> - 1.7-15
+- add upstream patch for KDC crash during referral processing (CVE-2009-3295),
+  via Tom Yu
+
 * Mon Dec 21 2009 Nalin Dahyabhai <nalin@redhat.com> - 1.7-14
 - refresh patch for #542868 from trunk

@ -1520,6 +1525,7 @@ popd
 %patch89 -p1 -b .largefile
 %patch90 -p0 -b .openssl-1.0
 %patch91 -p0 -b .spnego-deleg
+%patch92 -p1 -b .2009-003
 gzip doc/*.ps

 sed -i -e '1s!\[twoside\]!!;s!%\(\\usepackage{hyperref}\)!\1!' doc/api/library.tex