[krbdev.mit.edu #5706] SVN Commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Wed Sep 5 17:26:43 EDT 2007
pull up r19913 from trunk
r19913 at cathode-dark-space: tlyu | 2007-09-04 14:52:56 -0400
ticket: new
subject: fix CVE-2007-3999 svc_auth_gss.c buffer overflow
target_version: 1.6.3
tags: pullup
component: krb5-libs
Make sure svcauth_gss_validate adequately checks oa->oa_length prior
to copying into rpcbuf.
Commit By: tlyu
Revision: 19924
Changed Files:
_U branches/krb5-1-6/
U branches/krb5-1-6/src/lib/rpc/svc_auth_gss.c
More information about the krb5-bugs
mailing list