[krbdev.mit.edu #6443] SVN Commit

Tom Yu via RT rt-comment at krbdev.mit.edu
Wed Apr 15 16:07:31 EDT 2009


pull up r22174 from trunk

 ------------------------------------------------------------------------
 r22174 | tlyu | 2009-04-07 17:22:17 -0400 (Tue, 07 Apr 2009) | 11 lines
 Changed paths:
    M /trunk/src/lib/gssapi/spnego/spnego_mech.c

 ticket: 6443
 subject: CVE-2009-0844 SPNEGO can read beyond buffer end
 tags: pullup
 target_version: 1.7

 SPNEGO can read beyond the end of a buffer if the claimed DER length
 exceeds the number of bytes in the input buffer. This can lead to
 crash or information disclosure.

 Thanks to Apple for reporting this vulnerability and providing
 patches.

http://src.mit.edu/fisheye/changelog/krb5/?cs=22248
Commit By: tlyu
Revision: 22248
Changed Files:
U   branches/krb5-1-7/src/lib/gssapi/spnego/spnego_mech.c
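
The class of check the commit message above describes, as an added example that is not krb5's code or the patch itself: a DER length decoder that rejects a claimed length larger than the bytes actually remaining in the input. The function names and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
/* Decode the DER length at *pp with `remaining` input bytes left. On success
 * advance *pp to the contents, set *len_out, return 0. Return -1 when the field
 * is truncated, indefinite, too wide, or claims more content than the input
 * holds. Minimal-length encoding is not enforced here. */
int der_read_length(const unsigned char **pp, size_t remaining, size_t *len_out)
{
    const unsigned char *p = *pp;
    size_t len, n;
    if (remaining < 1)
        return -1;
    len = *p++;
    remaining--;
    if (len & 0x80) {                  /* long form: low 7 bits = octet count */
        n = len & 0x7f;
        if (n == 0 || n > sizeof(size_t) || n > remaining)
            return -1;
        remaining -= n;
        for (len = 0; n > 0; n--)
            len = (len << 8) | *p++;
    }
    if (len > remaining)               /* claimed length exceeds the input */
        return -1;
    *pp = p;
    *len_out = len;
    return 0;
}

/* Content length of the single-byte-tag TLV at buf, or -1 if it does not fit. */
long der_tlv_content_len(const unsigned char *buf, size_t buflen)
{
    const unsigned char *p = buf + 1;  /* skip the tag octet */
    size_t len;
    if (buflen < 1 || der_read_length(&p, buflen - 1, &len) != 0)
        return -1;
    return (long)len;
}

/* Constructed sample inputs (not taken from any real SPNEGO exchange). */
static const unsigned char sample_ok[]    = { 0x04, 0x03, 'a', 'b', 'c' };
static const unsigned char sample_over[]  = { 0x04, 0x7f, 'a', 'b', 'c' };
static const unsigned char sample_trunc[] = { 0x04, 0x82, 0x01 };

int main(void)
{
    printf("%ld %ld %ld\n", der_tlv_content_len(sample_ok, sizeof sample_ok),
           der_tlv_content_len(sample_over, sizeof sample_over),
           der_tlv_content_len(sample_trunc, sizeof sample_trunc));
    return 0;
}
```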



