commit krb5 for openSUSE:Factory
Hello community, here is the log from the commit of package krb5 for openSUSE:Factory checked in at Fri Apr 23 19:17:35 CEST 2010.
--------
--- krb5/krb5-mini.changes 2010-04-14 15:15:17.000000000 +0200
+++ krb5/krb5-mini.changes 2010-04-23 19:12:38.649692000 +0200
@@ -1,0 +2,6 @@
+Wed Apr 14 11:36:32 CEST 2010 - mc@suse.de
+
+- fix a double free vulnerability in the KDC
+ CVE-2010-1320, MITKRB5-SA-2010-004 (bnc#596002)
+
+-------------------------------------------------------------------
krb5.changes: same change
calling whatdependson for head-i586
New:
----
 krb5-1.7-MITKRB5-SA-2010-004.dif
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ krb5-doc.spec ++++++
--- /var/tmp/diff_new_pack.CpNrS2/_old 2010-04-23 19:12:53.000000000 +0200
+++ /var/tmp/diff_new_pack.CpNrS2/_new 2010-04-23 19:12:53.000000000 +0200
@@ -21,7 +21,7 @@
 Name: krb5-doc
 BuildRequires: ghostscript-library latex2html texlive
 Version: 1.8.1
-Release: 1
+Release: 2
 %define srcRoot krb5-1.8.1
 Summary: MIT Kerberos5 Implementation--Documentation
 License: MIT License (or similar)
++++++ krb5-mini.spec ++++++
--- /var/tmp/diff_new_pack.CpNrS2/_old 2010-04-23 19:12:53.000000000 +0200
+++ /var/tmp/diff_new_pack.CpNrS2/_new 2010-04-23 19:12:53.000000000 +0200
@@ -28,7 +28,7 @@
 BuildRequires: bison libcom_err-devel ncurses-devel
 BuildRequires: keyutils keyutils-devel
 Version: 1.8.1
-Release: 1
+Release: 2
 %if ! 0%{?build_mini}
 BuildRequires: libopenssl-devel openldap2-devel
 # bug437293
@@ -47,14 +47,15 @@
 Source2: baselibs.conf
 Source5: krb5-%{version}-rpmlintrc
 Source10: krb5-1.7-manpaths.txt
-Patch2: krb5-1.6.1-compile_pie.dif
-Patch20: krb5-1.6.3-kprop-use-mkstemp.dif
-Patch30: krb5-1.7-manpaths.dif
-Patch32: krb5-1.4.3-enospc.dif
-Patch34: krb5-1.6.3-gssapi_improve_errormessages.dif
-Patch41: krb5-1.6.3-kpasswd_tcp.patch
-Patch44: krb5-1.6.3-ktutil-manpage.dif
-Patch46: krb5-1.6.3-fix-ipv6-query.dif
+Patch1: krb5-1.6.1-compile_pie.dif
+Patch2: krb5-1.6.3-kprop-use-mkstemp.dif
+Patch3: krb5-1.7-manpaths.dif
+Patch4: krb5-1.4.3-enospc.dif
+Patch5: krb5-1.6.3-gssapi_improve_errormessages.dif
+Patch6: krb5-1.6.3-kpasswd_tcp.patch
+Patch7: krb5-1.6.3-ktutil-manpage.dif
+Patch8: krb5-1.6.3-fix-ipv6-query.dif
+Patch9: krb5-1.7-MITKRB5-SA-2010-004.dif
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
 PreReq: mktemp, grep, /bin/touch, coreutils
 PreReq: %insserv_prereq %fillup_prereq
@@ -194,14 +195,15 @@
 %prep
 %setup -q -n %{srcRoot}
 %setup -a 1 -T -D -n %{srcRoot}
+%patch1
 %patch2
-%patch20
-%patch30 -p1
-%patch32 -p1
-%patch34 -p1
-%patch41
-%patch44 -p1
-%patch46 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
 # Rename the man pages so that they'll get generated correctly.
 pushd src
 cat %{SOURCE10} | while read manpage ; do
krb5.spec: same change
++++++ krb5-1.7-MITKRB5-SA-2010-004.dif ++++++
Index: krb5-1.8.1/src/kdc/do_tgs_req.c
===================================================================
--- krb5-1.8.1.orig/src/kdc/do_tgs_req.c
+++ krb5-1.8.1/src/kdc/do_tgs_req.c
@@ -543,6 +543,7 @@ tgt_again:
 to the caller */
 ticket_reply = *(header_ticket);
 enc_tkt_reply = *(header_ticket->enc_part2);
+ enc_tkt_reply.authorization_data = NULL;
 clear(enc_tkt_reply.flags, TKT_FLG_INVALID);
 }
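Review bot: The added `enc_tkt_reply.authorization_data = NULL;` in the hunk at -543 carries no comment saying why this one member of the copied structure is cleared. The line above it, `enc_tkt_reply = *(header_ticket->enc_part2);`, is a plain struct assignment, so every pointer member of the copy still aliases memory owned by header_ticket; the changelog ties this field to the double free (CVE-2010-1320), presumably because later code in the function replaces or frees it through the copy. I would add `/* shallow copy: header_ticket still owns authorization_data; clear the alias so it is released only once */` above the assignment, and the same above the identical line in the hunk at -554. The code that frees these structures lies outside both hunks, so it is worth confirming there that no other aliased pointer member is released through enc_tkt_reply.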
@@ -554,6 +555,7 @@ tgt_again:
 to the caller */
 ticket_reply = *(header_ticket);
 enc_tkt_reply = *(header_ticket->enc_part2);
+ enc_tkt_reply.authorization_data = NULL;
 old_life = enc_tkt_reply.times.endtime - enc_tkt_reply.times.starttime;
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org