MITKRB5-SA-2007-005: kadmind vulnerable to buffer overflow

Russ Allbery rra at stanford.edu
Tue Jul 10 16:46:04 EDT 2007


Edward Beuerlein <ebeuerlein at aol.com> writes:

> My bad-I forgot to use the -l option in patch.  So now the issue I have
> is that the 2007-001-002-003 combo patch I applied for the older kadmin
> issues is conflicting with the 1.4.4 attached to this email.  When I run
> both patches during compile time I get this error:

The backport I did was because we didn't apply the combo patch (it didn't
apply cleanly to 1.4 and wasn't fully necessary on Linux).  If you applied
the combo patch, the patch in the advisory would probably work, or at
least be fairly close.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>



More information about the Kerberos mailing list