updated patch: MITKRB5-SA-2007-006: kadmind RPC lib buffer overflow, uninitialized pointer
John Hascall
john at iastate.edu
Thu Sep 6 08:22:51 EDT 2007
> Prior to that release you may apply the following patch. Note that
> releases prior to krb5-1.5 will not need the svr_policy.c patch.
...
It would be helpful if you would also say which files
need to be re-installed after applying the patch and
making. Perhaps it was a local quirk, but I found
that some things were rebuilt that I did not expect
from your description (krb5kdc and krb524d for example).
> find . -type f | xargs ls -l | grep 'Sep 5' | grep -v 'unit-test'
-rwxr-xr-x 1 john 225533 Sep 5 18:26 ./kadmin/cli/kadmin
-rwxr-xr-x 1 john 226072 Sep 5 18:26 ./kadmin/cli/kadmin.local
-rwxr-xr-x 1 john 254659 Sep 5 18:26 ./kadmin/dbutil/kdb5_util
-rwxr-xr-x 1 john 82739 Sep 5 18:26 ./kadmin/passwd/kpasswd
-rwxr-xr-x 1 john 285860 Sep 5 18:26 ./kadmin/server/kadmind
-rwxr-xr-x 1 john 278482 Sep 5 18:26 ./kdc/krb5kdc
-rwxr-xr-x 1 john 93115 Sep 5 18:26 ./kdc/rtest
-rwxr-xr-x 1 john 110519 Sep 5 18:26 ./krb524/krb524d
-rwxr-xr-x 1 john 357170 Sep 5 18:26 ./lib/kadm5/clnt/libkadm5clnt.so.5.1
-rw-r--r-- 1 john 190 Sep 5 18:26 ./lib/kadm5/srv/OBJS.SH
-rwxr-xr-x 1 john 456868 Sep 5 18:26 ./lib/kadm5/srv/libkadm5srv.so.5.1
-rw-r--r-- 1 john 8326 Sep 5 18:25 ./lib/kadm5/srv/svr_policy.c
-rw-r--r-- 1 john 531 Sep 5 18:25 ./lib/kadm5/srv/svr_policy.c.rej
-rw-r--r-- 1 john 76560 Sep 5 18:26 ./lib/kadm5/srv/svr_policy.so
-rw-r--r-- 1 john 633 Sep 5 18:26 ./lib/rpc/OBJS.SH
-rwxr-xr-x 1 john 381527 Sep 5 18:26 ./lib/rpc/libgssrpc.so.4.0
-rw-r--r-- 1 john 19114 Sep 5 18:25 ./lib/rpc/svc_auth_gss.c
-rw-r--r-- 1 john 18913 Sep 5 18:25 ./lib/rpc/svc_auth_gss.c.orig
-rw-r--r-- 1 john 46084 Sep 5 18:26 ./lib/rpc/svc_auth_gss.so
Thanks,
John