Bug in set/change password client library

Greg Hudson ghudson at MIT.EDU
Thu May 5 12:25:24 EDT 2011


On Wed, 2011-05-04 at 23:08 -0400, Russ Allbery wrote:
> There's a bug in the set/change password client library in at least
> Kerberos 1.9 with the parsing of a reply from a server if the reply is
> longer than 255 bytes.

This bug isn't present on trunk, because r24899 consolidated the chpw
and setpw reply parsing and used the (correct) chpw code as the basis.

Does this bug occur in practice?  Is it worth making a fix for 1.9 or
earlier?




