[11547] in Kerberos-V5-bugs
[krbdev.mit.edu #6725] SVN Commit
daemon@ATHENA.MIT.EDU (Tom Yu via RT)
Wed May 19 14:52:56 2010
Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: "Tom Yu via RT" <rt-comment@krbdev.MIT.EDU>
In-Reply-To: <rt-6725@krbdev.mit.edu>
Message-ID: <rt-6725-32836.10.4989406660413@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #6725'":;"'AdminCc of krbdev.mit.edu Ticket #6725'":;@MIT.EDU
Date: Wed, 19 May 2010 14:52:55 -0400 (EDT)
Reply-To: rt-comment@krbdev.MIT.EDU
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
pull up r24056 from trunk
------------------------------------------------------------------------
r24056 | tlyu | 2010-05-19 14:09:37 -0400 (Wed, 19 May 2010) | 8 lines
ticket: 6725
subject: CVE-2010-1321 GSS-API lib null pointer deref (MITKRB5-SA-2010-005)
tags: pullup
target_version: 1.8.2
Make krb5_gss_accept_sec_context() check for a null authenticator
checksum pointer before attempting to dereference it.
http://src.mit.edu/fisheye/changelog/krb5/?cs=24063
Commit By: tlyu
Revision: 24063
Changed Files:
U branches/krb5-1-8/src/lib/gssapi/krb5/accept_sec_context.c
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
