main/krb5: security fix (CVE-2002-2443)
ref #1927
This commit is contained in:
parent
25d8ef878f
commit
635b532cd2
@ -16,6 +16,7 @@ subpackages="$pkgname-dev $pkgname-doc $pkgname-server
|
||||
source="http://web.mit.edu/kerberos/dist/krb5/1.11/krb5-$pkgver-signed.tar
|
||||
mit-krb5-1.11_uninitialized.patch
|
||||
mit-krb5_krb5-config_LDFLAGS.patch
|
||||
CVE-2002-2443.patch
|
||||
krb5kadmind.initd
|
||||
krb5kdc.initd
|
||||
krb5kpropd.initd
|
||||
@ -113,18 +114,21 @@ libs() {
|
||||
md5sums="d7a63c9c68b65efa71a615c67b6edf70 krb5-1.11.2-signed.tar
|
||||
597cd7ab74a8113b86e3405c15ccfecb mit-krb5-1.11_uninitialized.patch
|
||||
656e242de9b5ada1edf398983db51eef mit-krb5_krb5-config_LDFLAGS.patch
|
||||
0cdce7c384974b916f00e3e9932df488 CVE-2002-2443.patch
|
||||
29906e70e15025dda8b315d8209cab4c krb5kadmind.initd
|
||||
47efe7f24c98316d38ea46ad629b3517 krb5kdc.initd
|
||||
3e0b8313c1e5bfb7625f35e76a5e53f1 krb5kpropd.initd"
|
||||
sha256sums="f0373295fb320b9702468eb0df33397e7278326ec1681a8c6037cc53cb0120a5 krb5-1.11.2-signed.tar
|
||||
81a0d432b6d1686587b25b6ce70f0b8558e0c693da4c63b9de881962ae01c043 mit-krb5-1.11_uninitialized.patch
|
||||
9ebfc38cc167bbf451105807512845cd961f839d64b7e2904a6c4e722e41fe2b mit-krb5_krb5-config_LDFLAGS.patch
|
||||
1e2b53152faa9309d4dbfa0126d4e041d3c5a4519b91487aa20d019b9c00af9b CVE-2002-2443.patch
|
||||
c7a1ec03472996daaaaf1a4703566113c80f72ee8605d247098a25a13dad1f5f krb5kadmind.initd
|
||||
709309dea043aa306c2fcf0960e0993a6db540c220de64cf92d6b85f1cca23c5 krb5kdc.initd
|
||||
86b15d691e32b331ac756ee368b7364de6ab238dcae5adfed2a00b57d1b64ef4 krb5kpropd.initd"
|
||||
sha512sums="2db58530a98c4bdf9c6f797f3fb2881a3bdeda680804309f1f40e877a5a1c6e589021e1e0521b5a258626e5d04105ad0c01575b2104313b4b9592ee1ae8b8006 krb5-1.11.2-signed.tar
|
||||
4d2ea5189971df13bf874d29bcf89fa3bfeb1d25b3bd9245ee7c88f5c4834e950c5978ce13df3b8fc05f98dd7d5510dad43af0440436958fa23f9e1a51f60f76 mit-krb5-1.11_uninitialized.patch
|
||||
8118518e359cb5e69e3321b7438b200d5d74ceeac16b4623bf4e4bfb4ead6c656de6fa153f9bcc454097b45a512bc8cd0798b1f062a2c4a09f75253b204a7a17 mit-krb5_krb5-config_LDFLAGS.patch
|
||||
4f578a1c52de1cf2483aac4798eb577add8149daec9cb34c8cb1c2aeec8f78c8422f24c0a6844c8cc57d3eeea673d5f71fdb4369b11d3c682cf608270be07808 CVE-2002-2443.patch
|
||||
561af06b4e0f0e130dda345ad934bcdb9984ec00cc38d871df1d3bb3f9e1c7d86f06db5b03229707c88b96ad324e3a2222420f8494aa431002cacea0246b1153 krb5kadmind.initd
|
||||
d6d0076886ce284fc395fafc2dc253b4b3ee97b2986dea51388d96a1e1294680fb171f475efc7844559e2c6aac44b26678a9255921db9a58dcf2e7164f0aeec5 krb5kdc.initd
|
||||
f97d33fa977c132a470d95fd539d8e8db018e03f28dbc9d3e04faf78ebb7392196e7d5135f138c2390979bf37b3ae0265e6827f0c17b44b277eb2dfff0a96f77 krb5kpropd.initd"
|
||||
|
||||
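--- /dev/null
+++ b/main/krb5/CVE-2002-2443.patch
@@ -0,0 +1,69 @@
+From cf1a0c411b2668c57c41e9c4efd15ba17b6b322c Mon Sep 17 00:00:00 2001
+From: Tom Yu <tlyu@mit.edu>
+Date: Fri, 3 May 2013 16:26:46 -0400
+Subject: [PATCH] Fix kpasswd UDP ping-pong [CVE-2002-2443]
+
+The kpasswd service provided by kadmind was vulnerable to a UDP
+"ping-pong" attack [CVE-2002-2443]. Don't respond to packets unless
+they pass some basic validation, and don't respond to our own error
+packets.
+
+Some authors use CVE-1999-0103 to refer to the kpasswd UDP ping-pong
+attack or UDP ping-pong attacks in general, but there is discussion
+leading toward narrowing the definition of CVE-1999-0103 to the echo,
+chargen, or other similar built-in inetd services.
+
+Thanks to Vincent Danen for alerting us to this issue.
+
+CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:P/RL:O/RC:C
+
+ticket: 7637 (new)
+target_version: 1.11.3
+tags: pullup
+---
+src/kadmin/server/schpw.c | 8 ++++----
+1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c
+index 15b0ab5..7f455d8 100644
+--- a/src/kadmin/server/schpw.c
++++ b/src/kadmin/server/schpw.c
+@@ -52,7 +52,7 @@
+ret = KRB5KRB_AP_ERR_MODIFIED;
+numresult = KRB5_KPASSWD_MALFORMED;
+strlcpy(strresult, "Request was truncated", sizeof(strresult));
+- goto chpwfail;
++ goto bailout;
+}
+
+ptr = req->data;
+@@ -67,7 +67,7 @@
+numresult = KRB5_KPASSWD_MALFORMED;
+strlcpy(strresult, "Request length was inconsistent",
+sizeof(strresult));
+- goto chpwfail;
++ goto bailout;
+}
+
+/* verify version number */
+@@ -80,7 +80,7 @@
+numresult = KRB5_KPASSWD_BAD_VERSION;
+snprintf(strresult, sizeof(strresult),
+"Request contained unknown protocol version number %d", vno);
+- goto chpwfail;
++ goto bailout;
+}
+
+/* read, check ap-req length */
+@@ -93,7 +93,7 @@
+numresult = KRB5_KPASSWD_MALFORMED;
+strlcpy(strresult, "Request was truncated in AP-REQ",
+sizeof(strresult));
+- goto chpwfail;
++ goto bailout;
+}
+
+/* verify ap_req */
+--
+1.8.1.6
+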
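Review bot: The four new `goto bailout;` lines jump to a label the hunk never shows, so the patch is only correct if `schpw.c` in krb5 1.11.2 already has a `bailout:` path that releases state and returns without building a reply; if it does not, the patch applies cleanly and the build then fails on an undefined label. The `index 15b0ab5..7f455d8` line pins the expected pre-image of the file, which is worth confirming against the unpacked 1.11.2 tree rather than relying on a fuzzed apply. Only the length, version and AP-REQ-length checks are silenced; a well-formed packet that fails at `/* verify ap_req */` or later presumably still reaches `chpwfail` and draws an error reply, so the change breaks the server-to-server loop the commit message describes but a single spoofed packet still elicits one response, as its "basic validation" wording implies. Since `target_version: 1.11.3` marks this as an upstream pullup, a comment next to `CVE-2002-2443.patch` in the APKBUILD source list such as `# upstream cf1a0c411b2668 (ticket 7637), included in 1.11.3 - drop on next bump` would flag it for removal at the next version bump.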