rpms/krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- switch to the updated patch for MITKRB-SA-2006-001

Browse Source
This commit is contained in:
Nalin Dahyabhai 2006-08-18 16:50:54 +00:00
parent 2bc5a13d2a
commit d859fd0556
2 changed files with 17 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
2006-001-patch_1.5.txt
View File

@ -1,6 +1,6 @@
Index: appl/gssftp/ftpd/ftpd.c Index: appl/gssftp/ftpd/ftpd.c
=================================================================== ===================================================================
*** appl/gssftp/ftpd/ftpd.c (revision 18419) *** appl/gssftp/ftpd/ftpd.c (revision 18440)
--- appl/gssftp/ftpd/ftpd.c (working copy) --- appl/gssftp/ftpd/ftpd.c (working copy)
*************** ***************
*** 1367,1373 **** *** 1367,1373 ****
@ -61,7 +61,7 @@ Index: appl/gssftp/ftpd/ftpd.c
goto pasv_error; goto pasv_error;
Index: appl/bsd/v4rcp.c Index: appl/bsd/v4rcp.c
=================================================================== ===================================================================
*** appl/bsd/v4rcp.c (revision 18419) *** appl/bsd/v4rcp.c (revision 18440)
--- appl/bsd/v4rcp.c (working copy) --- appl/bsd/v4rcp.c (working copy)
*************** ***************
*** 436,442 **** *** 436,442 ****
@ -105,7 +105,7 @@ Index: appl/bsd/v4rcp.c
Index: appl/bsd/krcp.c Index: appl/bsd/krcp.c
=================================================================== ===================================================================
*** appl/bsd/krcp.c (revision 18419) *** appl/bsd/krcp.c (revision 18440)
--- appl/bsd/krcp.c (working copy) --- appl/bsd/krcp.c (working copy)
*************** ***************
*** 620,626 **** *** 620,626 ****
@ -159,7 +159,7 @@ Index: appl/bsd/krcp.c
} }
Index: appl/bsd/login.c Index: appl/bsd/login.c
=================================================================== ===================================================================
*** appl/bsd/login.c (revision 18419) *** appl/bsd/login.c (revision 18440)
--- appl/bsd/login.c (working copy) --- appl/bsd/login.c (working copy)
*************** ***************
*** 1648,1654 **** *** 1648,1654 ****
@ -183,7 +183,7 @@ Index: appl/bsd/login.c
/* This call MUST succeed */ /* This call MUST succeed */
Index: appl/bsd/krshd.c Index: appl/bsd/krshd.c
=================================================================== ===================================================================
*** appl/bsd/krshd.c (revision 18419) *** appl/bsd/krshd.c (revision 18440)
--- appl/bsd/krshd.c (working copy) --- appl/bsd/krshd.c (working copy)
*************** ***************
*** 1403,1411 **** *** 1403,1411 ****
@ -214,26 +214,25 @@ Index: appl/bsd/krshd.c
char **findtz = environ; char **findtz = environ;
Index: clients/ksu/main.c Index: clients/ksu/main.c
=================================================================== ===================================================================
*** clients/ksu/main.c (revision 18419) *** clients/ksu/main.c (revision 18440)
--- clients/ksu/main.c (working copy) --- clients/ksu/main.c (working copy)
*************** ***************
*** 892,900 **** *** 893,900 ****
const char * cc_name;
struct stat st_temp; struct stat st_temp;
! krb5_seteuid(0); krb5_seteuid(0);
! krb5_seteuid(target_uid); ! krb5_seteuid(target_uid);
! !
cc_name = krb5_cc_get_name(context, cc); cc_name = krb5_cc_get_name(context, cc);
if ( ! stat(cc_name, &st_temp)){ if ( ! stat(cc_name, &st_temp)){
if ((retval = krb5_cc_destroy(context, cc))){ if ((retval = krb5_cc_destroy(context, cc))){
--- 892,903 ---- --- 893,904 ----
const char * cc_name;
struct stat st_temp; struct stat st_temp;
! if (krb5_seteuid(0) < 0 || krb5_seteuid(target_uid) < 0) { krb5_seteuid(0);
! if (krb5_seteuid(target_uid) < 0) {
! com_err(prog_name, errno, ! com_err(prog_name, errno,
! "while returning to source uid for destroying ccache"); ! "while changing to target uid for destroying ccache");
! exit(1); ! exit(1);
! } ! }
! !
@ -242,7 +241,7 @@ Index: clients/ksu/main.c
if ((retval = krb5_cc_destroy(context, cc))){ if ((retval = krb5_cc_destroy(context, cc))){
Index: lib/krb4/kuserok.c Index: lib/krb4/kuserok.c
=================================================================== ===================================================================
*** lib/krb4/kuserok.c (revision 18419) *** lib/krb4/kuserok.c (revision 18440)
--- lib/krb4/kuserok.c (working copy) --- lib/krb4/kuserok.c (working copy)
*************** ***************
*** 159,167 **** *** 159,167 ****

5
krb5.spec
View File

@ -10,7 +10,7 @@
Summary: The Kerberos network authentication system. Summary: The Kerberos network authentication system.
Name: krb5 Name: krb5
Version: 1.5 Version: 1.5
Release: 5 Release: 6
# Maybe we should explode from the now-available-to-everybody tarball instead? # Maybe we should explode from the now-available-to-everybody tarball instead?
# http://web.mit.edu/kerberos/dist/krb5/1.5/krb5-1.5-signed.tar # http://web.mit.edu/kerberos/dist/krb5/1.5/krb5-1.5-signed.tar
Source0: krb5-%{version}.tar.gz Source0: krb5-%{version}.tar.gz
@ -132,6 +132,9 @@ network uses Kerberos, this package should be installed on every
workstation. workstation.
%changelog %changelog
* Fri Aug 18 2006 Nalin Dahyabhai <nalin@redhat.com> - 1.5-6
- switch to the updated patch for MITKRB-SA-2006-001
* Tue Aug 8 2006 Nalin Dahyabhai <nalin@redhat.com> - 1.5-5 * Tue Aug 8 2006 Nalin Dahyabhai <nalin@redhat.com> - 1.5-5
- apply patch to address MITKRB-SA-2006-001 (CVE-2006-3084) - apply patch to address MITKRB-SA-2006-001 (CVE-2006-3084)