mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-08-06 05:47:13 +02:00
Leonardo Arena
parent
16bd40a6c3
commit
5f79fcd7bd
@ -3,7 +3,7 @@
|
||||
pkgname=heimdal
|
||||
pkgver=7.4.0
|
||||
_ver=${pkgver/_rc/rc}
|
||||
pkgrel=1
|
||||
pkgrel=2
|
||||
pkgdesc="An implementation of Kerberos 5"
|
||||
arch="all"
|
||||
url="http://www.h5l.org/"
|
||||
@ -22,10 +22,13 @@ source="https://github.com/heimdal/heimdal/releases/download/heimdal-$pkgver/hei
|
||||
|
||||
005_all_heimdal-suid_fix.patch
|
||||
heimdal_missing-include.patch
|
||||
CVE-2017-17439.patch
|
||||
"
|
||||
builddir="$srcdir/$pkgname-$_ver"
|
||||
|
||||
# secfixes:
|
||||
# 7.4.0-r2:
|
||||
# - CVE-2017-17439
|
||||
# 7.4.0-r0:
|
||||
# - CVE-2017-11103
|
||||
|
||||
@ -126,4 +129,5 @@ sha512sums="3bb83974180e0f6fe2e1b2a11c51cf136c9a64f13f9ed7592f0039ccccd03c1a2208
|
||||
4dca69bb1c1c6dfce8c0fc1da84855e4549be478ab09511fa5143ee61d1609fed7f3303179bc1e499b0f20445e04c41eda132dd1c5f72e2fea4fcf60a35ad2a9 heimdal-kdc.initd
|
||||
abee8390632fa775e74900d09e5c72b02fe4f9616b43cc8d0a76175486ed6d4707fb3ce4d06ceb09b0e8d1384e037c3cff6525e11def0122c35c32eebd0d196f heimdal-kpasswdd.initd
|
||||
2a6b20588a86a9ea3c35209b96ef2da0b39bc3112aec1505e69a60efc9ffb9ddc1d0dbdfaf864142e9d2f81da3d2653de56d6ffa01871c20fde17e4642625c56 005_all_heimdal-suid_fix.patch
|
||||
e89efdc942c512363aac1d9797c6bf622324e9200e282bc5ed680300b9e1b39a4ea20f059cdac8f22f972eb0af0e625fd41f267ebcafcfec0aaa81192aff79c1 heimdal_missing-include.patch"
|
||||
e89efdc942c512363aac1d9797c6bf622324e9200e282bc5ed680300b9e1b39a4ea20f059cdac8f22f972eb0af0e625fd41f267ebcafcfec0aaa81192aff79c1 heimdal_missing-include.patch
|
||||
66f92a3f0c68c7ff1f842b11ab456c94dd9fb2951b2dbb31fc4b1364d591687facd88aafadb0971a8156424470a65440111077ca02c064bdadd7490f671774b1 CVE-2017-17439.patch"
|
||||
|
||||
45
main/heimdal/CVE-2017-17439.patch
Normal file
45
main/heimdal/CVE-2017-17439.patch
Normal file
@ -0,0 +1,45 @@
|
||||
From 749d377fa357351a7bbba51f8aae72cdf0629592 Mon Sep 17 00:00:00 2001
|
||||
From: Viktor Dukhovni <viktor@twosigma.com>
|
||||
Date: Tue, 5 Dec 2017 18:49:50 -0500
|
||||
Subject: [PATCH] Security: Avoid NULL structure pointer member dereference
|
||||
|
||||
This can happen in the error path when processing malformed AS
|
||||
requests with a NULL client name. Bug originally introduced on
|
||||
Fri Feb 13 09:26:01 2015 +0100 in commit:
|
||||
|
||||
a873e21d7c06f22943a90a41dc733ae76799390d
|
||||
|
||||
kdc: base _kdc_fast_mk_error() on krb5_mk_error_ext()
|
||||
|
||||
Original patch by Jeffrey Altman <jaltman@secure-endpoints.com>
|
||||
|
||||
(cherry picked from commit 1a6a6e462dc2ac6111f9e02c6852ddec4849b887)
|
||||
---
|
||||
kdc/kerberos5.c | 8 +++++---
|
||||
1 file changed, 5 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c
|
||||
index 95a74927f7..675b406b82 100644
|
||||
--- a/kdc/kerberos5.c
|
||||
+++ b/kdc/kerberos5.c
|
||||
@@ -2226,15 +2226,17 @@ _kdc_as_rep(kdc_request_t r,
|
||||
/*
|
||||
* In case of a non proxy error, build an error message.
|
||||
*/
|
||||
- if(ret != 0 && ret != HDB_ERR_NOT_FOUND_HERE && reply->length == 0) {
|
||||
+ if (ret != 0 && ret != HDB_ERR_NOT_FOUND_HERE && reply->length == 0) {
|
||||
ret = _kdc_fast_mk_error(context, r,
|
||||
&error_method,
|
||||
r->armor_crypto,
|
||||
&req->req_body,
|
||||
ret, r->e_text,
|
||||
r->server_princ,
|
||||
- &r->client_princ->name,
|
||||
- &r->client_princ->realm,
|
||||
+ r->client_princ ?
|
||||
+ &r->client_princ->name : NULL,
|
||||
+ r->client_princ ?
|
||||
+ &r->client_princ->realm : NULL,
|
||||
NULL, NULL,
|
||||
reply);
|
||||
if (ret)
|
||||
Loading…
Reference in New Issue
Block a user