MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname
Sam Hartman
hartmans at MIT.EDU
Thu Jun 3 15:42:54 EDT 2004
>>>>> "Andreas" == Andreas <andreas at conectiva.com.br> writes:
Andreas> On Wed, Jun 02, 2004 at 08:40:29PM -0400, Sam Hartman
Andreas> wrote:
>> Tom, what's up with the new patch?
Andreas> What new patch?
Tom's original advisory had a patch which is correct for the
HAVE_REGCOMP case, which describes most modern systems.
However, the regexp.h case is broken and will break rule-based entries
on systems without have_regcomp. A new patch should be out shortly.
More information about the Kerberos
mailing list