[krbdev.mit.edu #5928] SVN Commit

[Tom Yu via RT]

 r19913 at cathode-dark-space:  tlyu | 2007-09-04 14:52:56 -0400
 ticket: new
 subject: fix CVE-2007-3999 svc_auth_gss.c buffer overflow
 target_version: 1.6.3
 tags: pullup
 component: krb5-libs
 
 Make sure svcauth_gss_validate adequately checks oa->oa_length prior
 to copying into rpcbuf.
 


Commit By: tlyu



Revision: 20289
Changed Files:
_U  branches/krb5-1-5/
U   branches/krb5-1-5/src/lib/rpc/svc_auth_gss.c