rpms/krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Drop patch for CVE-2013-1418, included in 1.11.4

Browse Source
This commit is contained in:
Nalin Dahyabhai 2013-11-12 16:25:26 -05:00
parent 1f02b0bc49
commit 8f876bbbeb
2 changed files with 1 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
krb5-CVE-2013-1418.patch
View File

@ -1,35 +0,0 @@
commit 05c544eef3633b774ca38154ba4c2bf3416b471b
Author: Tom Yu <tlyu@mit.edu>
Date: Mon Nov 4 15:33:09 2013 -0500
Multi-realm KDC null deref [CVE-2013-1418]
If a KDC serves multiple realms, certain requests can cause
setup_server_realm() to dereference a null pointer, crashing the KDC.
CVSSv2: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C
A related but more minor vulnerability requires authentication to
exploit, and is only present if a third-party KDC database module can
dereference a null pointer under certain conditions.
(back ported from commit 5d2d9a1abe46a2c1a8614d4672d08d9d30a5f8bf)
ticket: 7756 (new)
version_fixed: 1.11.4
status: resolved
diff --git a/src/kdc/main.c b/src/kdc/main.c
index 1624046..8a085a2 100644
--- a/src/kdc/main.c
+++ b/src/kdc/main.c
@@ -125,6 +125,9 @@ setup_server_realm(struct server_handle *handle, krb5_principal sprinc)
int kdc_numrealms = handle->kdc_numrealms;
kret = 0;
+ if (sprinc == NULL)
+ return NULL;
+
if (kdc_numrealms > 1) {
if (!(newrealm = find_realm_data(handle, sprinc->realm.data,
(krb5_ui_4) sprinc->realm.length)))

3
krb5.spec
View File

@ -106,7 +106,6 @@ Patch134: krb5-1.11-kpasswdtest.patch
Patch135: krb5-1.11-check_transited.patch Patch135: krb5-1.11-check_transited.patch
Patch136: krb5-1.11.3-prompter1.patch Patch136: krb5-1.11.3-prompter1.patch
Patch137: krb5-1.11.3-prompter2.patch Patch137: krb5-1.11.3-prompter2.patch
Patch139: krb5-CVE-2013-1418.patch
# Patches for otp plugin backport # Patches for otp plugin backport
Patch201: krb5-1.11.2-keycheck.patch Patch201: krb5-1.11.2-keycheck.patch
@ -352,7 +351,6 @@ ln -s NOTICE LICENSE
%patch135 -p1 -b .check_transited %patch135 -p1 -b .check_transited
%patch136 -p1 -b .prompter1 %patch136 -p1 -b .prompter1
%patch137 -p1 -b .prompter2 %patch137 -p1 -b .prompter2
%patch139 -p1 -b .CVE-2013-1418
%patch201 -p1 -b .keycheck %patch201 -p1 -b .keycheck
%patch202 -p1 -b .otp %patch202 -p1 -b .otp
@ -1008,6 +1006,7 @@ exit 0
- update to 1.11.4 - update to 1.11.4
- drop patch for RT#7650, obsoleted - drop patch for RT#7650, obsoleted
- drop patch for RT#7706, obsoleted as RT#7723 - drop patch for RT#7706, obsoleted as RT#7723
- drop patch for CVE-2013-1418, included in 1.11.4
* Tue Nov 12 2013 Nalin Dahyabhai <nalin@redhat.com> - 1.11.3-31 * Tue Nov 12 2013 Nalin Dahyabhai <nalin@redhat.com> - 1.11.3-31
- switch to the simplified version of the patch for #1029110 (RT#7764) - switch to the simplified version of the patch for #1029110 (RT#7764)