svn rev #19682: branches/krb5-1-5/ src/lib/rpc/

[tlyu@MIT.EDU]

Commit By: tlyu
Log Message: 
ticket: new
version_fixed: 1.5.4
subject: (krb5-1.5.x) fix MITKRB5-SA-2007-004 [CVE-2007-2442/VU#356961, CVE-2007-2443/VU#365313]

pull up r19636 for 1.5-branch

 r19636 at cathode-dark-space:  tlyu | 2007-06-26 14:08:20 -0400
 ticket: new
 target_version: 1.6.2
 tags: pullup
 subject: fix MITKRB5-SA-2007-004 [CVE-2007-2442/VU#356961, CVE-2007-2443/VU#365313]
 
 CVE-2007-2442/VU#356961: The RPC library can free an uninitialized
 pointer.  This may lead to execution of arbitrary code.
 
 CVE-2007-2443/VU#365313: The RPC library can write past the end of a
 stack buffer.  This may (but is unlikely to) lead to execution of
 arbitrary code.
 
 




Changed Files:
_U  branches/krb5-1-5/
U   branches/krb5-1-5/src/lib/rpc/svc_auth_gssapi.c
U   branches/krb5-1-5/src/lib/rpc/svc_auth_unix.c