1 |
seemant 07/09/07 06:10:42 |
2 |
|
3 |
Added: 003_all_mit-krb5-SA-2007-006.patch |
4 |
Log: |
5 |
add newest krb5 security patch |
6 |
|
7 |
Revision Changes Path |
8 |
1.1 src/patchsets/mit-krb5/1.5.3/003_all_mit-krb5-SA-2007-006.patch |
9 |
|
10 |
file : http://sources.gentoo.org/viewcvs.py/gentoo/src/patchsets/mit-krb5/1.5.3/003_all_mit-krb5-SA-2007-006.patch?rev=1.1&view=markup |
11 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo/src/patchsets/mit-krb5/1.5.3/003_all_mit-krb5-SA-2007-006.patch?rev=1.1&content-type=text/plain |
12 |
|
13 |
Index: 003_all_mit-krb5-SA-2007-006.patch |
14 |
=================================================================== |
15 |
diff -urN krb5-1.5.3.orig/src/lib/kadm5/srv/svr_policy.c krb5-1.5.3/src/lib/kadm5/srv/svr_policy.c |
16 |
--- krb5-1.5.3.orig/src/lib/kadm5/srv/svr_policy.c 2006-04-13 14:58:56.000000000 -0400 |
17 |
+++ krb5-1.5.3/src/lib/kadm5/srv/svr_policy.c 2007-09-07 02:07:03.000000000 -0400 |
18 |
@@ -211,8 +211,9 @@ |
19 |
if((mask & KADM5_POLICY)) |
20 |
return KADM5_BAD_MASK; |
21 |
|
22 |
- ret = krb5_db_get_policy(handle->context, entry->policy, &p, &cnt); |
23 |
- if( ret && (cnt==0) ) |
24 |
+ if ((ret = krb5_db_get_policy(handle->context, entry->policy, &p, &cnt))) |
25 |
+ return ret; |
26 |
+ if (cnt != 1) |
27 |
return KADM5_UNK_POLICY; |
28 |
|
29 |
if ((mask & KADM5_PW_MAX_LIFE)) |
30 |
diff -urN krb5-1.5.3.orig/src/lib/rpc/svc_auth_gss.c krb5-1.5.3/src/lib/rpc/svc_auth_gss.c |
31 |
--- krb5-1.5.3.orig/src/lib/rpc/svc_auth_gss.c 2004-09-17 17:52:12.000000000 -0400 |
32 |
+++ krb5-1.5.3/src/lib/rpc/svc_auth_gss.c 2007-09-07 02:08:00.000000000 -0400 |
33 |
@@ -365,7 +365,7 @@ |
34 |
oa = &msg->rm_call.cb_cred; |
35 |
IXDR_PUT_ENUM(buf, oa->oa_flavor); |
36 |
IXDR_PUT_LONG(buf, oa->oa_length); |
37 |
- if (oa->oa_length) { |
38 |
+ if (oa->oa_length && oa->oa_length <= sizeof(rpchdr)) { |
39 |
memcpy((caddr_t)buf, oa->oa_base, oa->oa_length); |
40 |
buf += RNDUP(oa->oa_length) / sizeof(int32_t); |
41 |
} |
42 |
|
43 |
|
44 |
|
45 |
-- |
46 |
gentoo-commits@g.o mailing list |