[krbdev.mit.edu #6445] SVN Commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Wed Apr 15 16:07:35 EDT 2009
pull up r22176 from trunk
------------------------------------------------------------------------
r22176 | tlyu | 2009-04-07 17:22:23 -0400 (Tue, 07 Apr 2009) | 7 lines
Changed paths:
M /trunk/src/lib/krb5/asn.1/asn1_decode.c
M /trunk/src/tests/asn.1/krb5_decode_test.c
ticket: 6445
subject: CVE-2009-0846 asn1_decode_generaltime can free uninitialized pointer
tags: pullup
target_version: 1.7
The asn1_decode_generaltime() function can free an uninitialized
pointer if asn1buf_remove_charstring() fails.
http://src.mit.edu/fisheye/changelog/krb5/?cs=22250
Commit By: tlyu
Revision: 22250
Changed Files:
U branches/krb5-1-7/src/lib/krb5/asn.1/asn1_decode.c
U branches/krb5-1-7/src/tests/asn.1/krb5_decode_test.c
More information about the krb5-bugs
mailing list