updated patch: MITKRB5-SA-2007-006: kadmind RPC lib buffer overflow, uninitialized pointer
John Hascall
john at iastate.edu
Thu Sep 6 12:30:10 EDT 2007
> >>>>> "John" == John Hascall <john at iastate.edu> writes:
> John> It would be helpful if you would also say which files
> John> need to be re-installed after applying the patch and
> John> making. Perhaps it was a local quirk, but I found
> John> that some things were rebuilt that I did not expect
> John> from your description (krb5kdc and krb524d for example).
> The Makefiles currently cause every executable which depends on
> libkadm5srv to be rebuilt if libkadm5srv gets rebuilt. This dates
> back to when static libraries could be built, but might also be needed
> in certain cases for shared libraries. The KDC needs libkadm5srv
> because that's where some of the code for reading realm configuration
> information is located.
OK. So if I'm reading you correctly: Even though krb5kdc and krb524d
were rebuilt because they depend on libkadm5srv they don't make any use
of the broken/corrected routine in that library so I am safe to leave
them alone.
Thanks,
John
More information about the Kerberos
mailing list