updated patch: MITKRB5-SA-2007-006: kadmind RPC lib buffer overflow, uninitialized pointer

Tom Yu tlyu at MIT.EDU
Thu Sep 6 13:50:57 EDT 2007


>>>>> "John" == John Hascall <john at iastate.edu> writes:

John> OK.  So if I'm reading you correctly:  Even though krb5kdc and krb524d
John> were rebuilt because they depend on libkadm5srv they don't make any use
John> of the broken/corrected routine in that library so I am safe to leave
John> them alone.

Also in an installation using shared libraries, installing the updated
shared library should be sufficient.



More information about the Kerberos mailing list