svn rev #19638: branches/krb5-1-6/ src/lib/rpc/
tlyu@MIT.EDU
tlyu at MIT.EDU
Tue Jun 26 14:29:40 EDT 2007
Commit By: tlyu
Log Message:
ticket: 5585
version_fixed: 1.6.2
pull up r19636 from trunk
r19636 at cathode-dark-space: tlyu | 2007-06-26 14:08:20 -0400
ticket: new
target_version: 1.6.2
tags: pullup
subject: fix MITKRB5-SA-2007-004 [CVE-2007-2442/VU#356961, CVE-2007-2443/VU#365313]
CVE-2007-2442/VU#356961: The RPC library can free an uninitialized
pointer. This may lead to execution of arbitrary code.
CVE-2007-2443/VU#365313: The RPC library can write past the end of a
stack buffer. This may (but is unlikely to) lead to execution of
arbitrary code.
Changed Files:
_U branches/krb5-1-6/
U branches/krb5-1-6/src/lib/rpc/svc_auth_gssapi.c
U branches/krb5-1-6/src/lib/rpc/svc_auth_unix.c
More information about the cvs-krb5
mailing list