Archives
Archives
| From: | "Jeremy Olexa (darkside)" <darkside@g.o> |
|---|---|
| To: | gentoo-commits@l.g.o |
| Subject: | [gentoo-commits] gentoo-x86 commit in app-crypt/mit-krb5/files: CVE-2010-1320.patch |
| Date: | Fri, 30 Apr 2010 22:17:17 |
| Message-Id: | 20100430221714.907212C043@corvid.gentoo.org |
| 1 | darkside 10/04/30 22:17:14 |
| 2 | |
| 3 | Added: CVE-2010-1320.patch |
| 4 | Log: |
| 5 | Version bump by Eray Aslan, security bug 312481 |
| 6 | (Portage version: 2.1.8.3/cvs/Linux armv7l) |
| 7 | |
| 8 | Revision Changes Path |
| 9 | 1.1 app-crypt/mit-krb5/files/CVE-2010-1320.patch |
| 10 | |
| 11 | file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-crypt/mit-krb5/files/CVE-2010-1320.patch?rev=1.1&view=markup |
| 12 | plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-crypt/mit-krb5/files/CVE-2010-1320.patch?rev=1.1&content-type=text/plain |
| 13 | |
| 14 | Index: CVE-2010-1320.patch |
| 15 | =================================================================== |
| 16 | diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c |
| 17 | index b2f0655..76ca94a 100644 |
| 18 | --- a/src/kdc/do_tgs_req.c |
| 19 | +++ b/src/kdc/do_tgs_req.c |
| 20 | @@ -543,6 +543,7 @@ tgt_again: |
| 21 | to the caller */ |
| 22 | ticket_reply = *(header_ticket); |
| 23 | enc_tkt_reply = *(header_ticket->enc_part2); |
| 24 | + enc_tkt_reply.authorization_data = NULL; |
| 25 | clear(enc_tkt_reply.flags, TKT_FLG_INVALID); |
| 26 | } |
| 27 | |
| 28 | @@ -554,6 +555,7 @@ tgt_again: |
| 29 | to the caller */ |
| 30 | ticket_reply = *(header_ticket); |
| 31 | enc_tkt_reply = *(header_ticket->enc_part2); |
| 32 | + enc_tkt_reply.authorization_data = NULL; |
| 33 | |
| 34 | old_life = enc_tkt_reply.times.endtime - enc_tkt_reply.times.starttime; |