[krbdev.mit.edu #8076] git commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Fri Feb 6 18:58:54 EST 2015
Fix gssrpc data leakage [CVE-2014-9423]
[MITKRB5-SA-2015-001] In svcauth_gss_accept_sec_context(), do not copy
bytes from the union context into the handle field we send to the
client. We do not use this handle field, so just supply a fixed
string of "xxxx".
In gss_union_ctx_id_struct, remove the unused "interposer" field which
was causing part of the union context to remain uninitialized.
(cherry picked from commit 5bb8a6b9c9eb8dd22bc9526751610aaa255ead9c)
https://github.com/krb5/krb5/commit/34fbf2dbecbaac417625aad46d20e97ddc40c164
Author: Greg Hudson <ghudson at mit.edu>
Committer: Tom Yu <tlyu at mit.edu>
Commit: 34fbf2dbecbaac417625aad46d20e97ddc40c164
Branch: krb5-1.11
src/lib/gssapi/mechglue/mglueP.h | 1 -
src/lib/rpc/svc_auth_gss.c | 25 ++-----------------------
2 files changed, 2 insertions(+), 24 deletions(-)
More information about the krb5-bugs
mailing list