[krbdev.mit.edu #3086] CVS Commit

Russ Allbery <rra@stanford.edu> via RT rt-comment at krbdev.mit.edu
Mon Jun 12 14:58:08 EDT 2006


Always initialize the output token in gss_init_sec_context as required
by RFC 2744 section 5.19.  The krb5 code did this but the generic code
didn't, causing a double-free in OpenSSH.

Commit By: rra



Revision: 18114
Changed Files:
U   trunk/src/lib/gssapi/mechglue/g_init_sec_context.c




More information about the krb5-bugs mailing list