mirrors/aports
1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2026-05-05 20:36:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

main/heimdal: fix CVE-2022-45142

Browse Source
This commit is contained in:
psykose 2023-02-09 03:52:41 +00:00
parent 3c51f8e04b
commit bad1cd91bd
2 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
main/heimdal/APKBUILD
View File

@ -3,7 +3,7 @@
pkgname=heimdal
pkgver=7.7.1
_ver=${pkgver/_rc/rc}
pkgrel=0
pkgrel=1
pkgdesc="Iplementation of Kerberos 5"
arch="all"
url="https://github.com/heimdal/"
@ -22,10 +22,13 @@ source="https://github.com/heimdal/heimdal/releases/download/heimdal-$pkgver/hei
005_all_heimdal-suid_fix.patch
heimdal_missing-include.patch
CVE-2018-16860.patch
CVE-2022-45142.patch
silence-include-headers-redirect-warnings.patch
"
# secfixes:
# 7.7.1-r1:
# - CVE-2022-45142
# 7.7.1-r0:
# - CVE-2019-14870
# - CVE-2021-3671
@ -137,5 +140,6 @@ abee8390632fa775e74900d09e5c72b02fe4f9616b43cc8d0a76175486ed6d4707fb3ce4d06ceb09
2a6b20588a86a9ea3c35209b96ef2da0b39bc3112aec1505e69a60efc9ffb9ddc1d0dbdfaf864142e9d2f81da3d2653de56d6ffa01871c20fde17e4642625c56 005_all_heimdal-suid_fix.patch
e89efdc942c512363aac1d9797c6bf622324e9200e282bc5ed680300b9e1b39a4ea20f059cdac8f22f972eb0af0e625fd41f267ebcafcfec0aaa81192aff79c1 heimdal_missing-include.patch
36738795eb3478b55790bf1927f85a421b13b6b47dcc273daeb6630c39a4e1c1258148fa0e9f004ae59a9ac89caf54cb25efedb417e852e42a2c32d02e43fd56 CVE-2018-16860.patch
3205ce659c755b1a9e3bca3a3088cf241550fb2343fe46bee4370623b1ea2845395bcf7682a8c472d067067fbf8b3a8ea8809e8d3e6d5f62e05dcd680ba7230b CVE-2022-45142.patch
5d507a4312bbc59f2b67cb441d0880eaa060e3fdd166b7b8cf9b967d404722a1672e10cc8daedc46a786b8cbbb78de0bc2585d1d4d5b985da16c18f60c87d54f silence-include-headers-redirect-warnings.patch
"

22
main/heimdal/CVE-2022-45142.patch Normal file
View File

@ -0,0 +1,22 @@
diff --git a/lib/gssapi/krb5/arcfour.c b/lib/gssapi/krb5/arcfour.c
index aa03cbe..c6c15eb 100644
--- a/lib/gssapi/krb5/arcfour.c
+++ b/lib/gssapi/krb5/arcfour.c
@@ -365,7 +365,7 @@ _gssapi_verify_mic_arcfour(OM_uint32 * minor_status,
return GSS_S_FAILURE;
}
- cmp = (ct_memcmp(cksum_data, p + 8, 8) == 0);
+ cmp = (ct_memcmp(cksum_data, p + 8, 8) != 0);
if (cmp) {
*minor_status = 0;
return GSS_S_BAD_MIC;
@@ -730,7 +730,7 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status,
return GSS_S_FAILURE;
}
- cmp = (ct_memcmp(cksum_data, p0 + 16, 8) == 0); /* SGN_CKSUM */
+ cmp = (ct_memcmp(cksum_data, p0 + 16, 8) != 0); /* SGN_CKSUM */
if (cmp) {
_gsskrb5_release_buffer(minor_status, output_message_buffer);
*minor_status = 0;