MITKRB5-SA-2012-001: KDC heap corruption and crash [CVE-2012-1014 CVE-2012-1015]

Tom Yu tlyu at MIT.EDU
Wed Aug 1 13:59:43 EDT 2012


Chris Hecker <checker at d6.com> writes:

> The patch doesn't separate out the two issues, but it looks like it
> applies to 1.9.x if I remove the do_as_req.c part, is that correct?

Correct.


More information about the Kerberos mailing list