Hello community, here is the log from the commit of package krb5 checked in at Fri May 11 10:36:43 CEST 2007. -------- --- krb5/krb5.changes 2007-05-03 12:33:11.000000000 +0200 +++ /mounts/work_src_done/STABLE/krb5/krb5.changes 2007-05-09 17:20:43.229712000 +0200 @@ -1,0 +2,6 @@ +Wed May 9 15:30:53 CEST 2007 - mc@suse.de + +- fix uninitialized salt length +- add extra check for keytab file + +------------------------------------------------------------------- --- krb5/krb5-plugins.changes 2007-05-03 12:33:11.000000000 +0200 +++ /mounts/work_src_done/STABLE/krb5/krb5-plugins.changes 2007-05-09 17:20:43.243733000 +0200 @@ -1,0 +2,6 @@ +Wed May 9 15:31:08 CEST 2007 - mc@suse.de + +- fix uninitialized salt length +- add extra check for keytab file + +------------------------------------------------------------------- New: ---- krb5-1.4.3-extra-check-kt_file.c.dif krb5-1.6.1-init-salt-length.dif ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ krb5-doc.spec ++++++ --- /var/tmp/diff_new_pack.ht7065/_old 2007-05-11 10:36:30.000000000 +0200 +++ /var/tmp/diff_new_pack.ht7065/_new 2007-05-11 10:36:30.000000000 +0200 @@ -13,7 +13,7 @@ Name: krb5-doc BuildRequires: ghostscript-library latex2html texlive Version: 1.6.1 -Release: 9 +Release: 13 %define srcRoot krb5-1.6.1 Summary: MIT Kerberos5 Implementation--Documentation License: X11/MIT ++++++ krb5-plugins.spec ++++++ --- /var/tmp/diff_new_pack.ht7065/_old 2007-05-11 10:36:30.000000000 +0200 +++ /var/tmp/diff_new_pack.ht7065/_new 2007-05-11 10:36:30.000000000 +0200 @@ -13,7 +13,7 @@ Name: krb5-plugins Version: 1.6.1 -Release: 4 +Release: 5 BuildRequires: bison krb5-devel ncurses-devel openldap2-devel %define srcRoot krb5-1.6.1 %define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/ @@ -43,6 +43,8 @@ Patch22: krb5-1.5.1-fix-ftp-var-used-uninitialized.dif #Patch23: trunk-install-preauth-header.dif Patch24: krb5-1.5.1-fix-strncat-warning.dif +Patch25: krb5-1.6.1-init-salt-length.dif +Patch26: krb5-1.4.3-extra-check-kt_file.c.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -106,6 +108,8 @@ %patch22 #%patch23 %patch24 +%patch25 +%patch26 cp %{_sourcedir}/EncryptWithMasterKey.c %{_builddir}/%{srcRoot}/src/kadmin/dbutil/EncryptWithMasterKey.c %build @@ -203,6 +207,9 @@ %{_mandir}/man8/* %changelog +* Wed May 09 2007 - mc@suse.de +- fix uninitialized salt length +- add extra check for keytab file * Thu May 03 2007 - mc@suse.de - adding krb5-1.6.1-post.dif * fix segfault in krb5_get_init_creds_password ++++++ krb5.spec ++++++ --- /var/tmp/diff_new_pack.ht7065/_old 2007-05-11 10:36:30.000000000 +0200 +++ /var/tmp/diff_new_pack.ht7065/_new 2007-05-11 10:36:30.000000000 +0200 @@ -12,7 +12,7 @@ Name: krb5 Version: 1.6.1 -Release: 9 +Release: 12 BuildRequires: bison libcom_err ncurses-devel %if %{suse_version} > 1010 BuildRequires: keyutils keyutils-devel @@ -46,6 +46,8 @@ Patch22: krb5-1.5.1-fix-ftp-var-used-uninitialized.dif #Patch23: trunk-install-preauth-header.dif Patch24: krb5-1.5.1-fix-strncat-warning.dif +Patch25: krb5-1.6.1-init-salt-length.dif +Patch26: krb5-1.4.3-extra-check-kt_file.c.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: mktemp, grep, /bin/touch @@ -196,6 +198,8 @@ %patch22 #%patch23 %patch24 +%patch25 +%patch26 cp %{_sourcedir}/EncryptWithMasterKey.c %{_builddir}/%{srcRoot}/src/kadmin/dbutil/EncryptWithMasterKey.c %build @@ -501,6 +505,9 @@ %{_mandir}/man1/krb5-config.1* %changelog +* Wed May 09 2007 - mc@suse.de +- fix uninitialized salt length +- add extra check for keytab file * Thu May 03 2007 - mc@suse.de - adding krb5-1.6.1-post.dif * fix segfault in krb5_get_init_creds_password ++++++ krb5-1.4.3-extra-check-kt_file.c.dif ++++++ Index: src/lib/krb5/keytab/kt_file.c =================================================================== --- src/lib/krb5/keytab/kt_file.c.orig +++ src/lib/krb5/keytab/kt_file.c @@ -461,6 +461,10 @@ krb5_ktfile_get_next(krb5_context contex kerror = KTLOCK(id); if (kerror) return kerror; + if (KTFILEP(id) == NULL) { + KTUNLOCK(id); + return KRB5_KT_IOERR; + } if (fseek(KTFILEP(id), *fileoff, 0) == -1) { KTUNLOCK(id); return KRB5_KT_END; ++++++ krb5-1.6.1-init-salt-length.dif ++++++ Index: src/lib/krb5/asn.1/ldap_key_seq.c =================================================================== --- src/lib/krb5/asn.1/ldap_key_seq.c.orig +++ src/lib/krb5/asn.1/ldap_key_seq.c @@ -341,7 +341,8 @@ static asn1_error_code asn1_decode_key(a if (asn1buf_remains(&slt, 0) != 0) { /* Salt value is optional */ ret = decode_tagged_octetstring (&slt, 1, &keylen, &key->key_data_contents[1]); checkerr; - } + } else + keylen = 0; safe_syncbuf (&subbuf, &slt); key->key_data_length[1] = keylen; /* XXX range check?? */ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org