MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname

Sam Hartman hartmans at MIT.EDU
Thu Jun 3 15:42:54 EDT 2004

>>>>> "Andreas" == Andreas  <andreas at> writes:

    Andreas> On Wed, Jun 02, 2004 at 08:40:29PM -0400, Sam Hartman
    Andreas> wrote:
    >> Tom, what's up with the new patch?

    Andreas> What new patch?

Tom's original advisory had a patch which is correct for the
HAVE_REGCOMP case, which describes most modern systems.

However, the regexp.h case is broken and will break rule-based entries
on systems without have_regcomp.  A new patch should be out shortly.

More information about the Kerberos mailing list