[krb5] fix MITKRB5-SA-2014-001 (CVE-2014-4345)

Nalin Dahyabhai nalin at fedoraproject.org
Thu Aug 7 23:26:09 UTC 2014


commit b324000e349de047b55813b2a634a0b9029e610d
Author: Nalin Dahyabhai <nalin at redhat.com>
Date:   Thu Aug 7 19:25:49 2014 -0400

    fix MITKRB5-SA-2014-001 (CVE-2014-4345)
    
    - incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345)

 2014-001-patch.txt     |   14 ++++++++++++++
 2014-001-patch.txt.asc |  Bin 0 -> 419 bytes
 krb5.spec              |    8 +++++++-
 3 files changed, 21 insertions(+), 1 deletions(-)
---
diff --git a/2014-001-patch.txt b/2014-001-patch.txt
new file mode 100644
index 0000000..19ea866
--- /dev/null
+++ b/2014-001-patch.txt
@@ -0,0 +1,14 @@
+diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
+index ce851ea..df5934c 100644
+--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
++++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
+@@ -456,7 +456,8 @@ krb5_encode_krbsecretkey(krb5_key_data *key_data_in, int n_key_data,
+             j++;
+             last = i + 1;
+
+-            currkvno = key_data[i].key_data_kvno;
++            if (i < n_key_data - 1)
++                currkvno = key_data[i + 1].key_data_kvno;
+         }
+     }
+     ret[num_versions] = NULL;
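Review bot: Nothing in the visible lines bounds `j` against `num_versions`, so the array terminated by `ret[num_versions] = NULL` stays in bounds only while this run-boundary logic agrees with however `num_versions` was counted; the loop header and that count are both outside the hunk. The corrected assignment reads `key_data[i + 1]` only under `i < n_key_data - 1`, which keeps the look-ahead inside the array on the last iteration. As defence in depth I would add a check ahead of the per-version store (presumably `ret[j]`, not shown here), along the lines of `if (j >= num_versions)` followed by the function's existing error return, so that a future mismatch fails cleanly instead of writing past the allocation. A regression test with several keys per kvno and more than one kvno would pin the behaviour; this commit ships none, unlike the `-tests.patch` listed as Patch147 alongside Patch146.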
diff --git a/2014-001-patch.txt.asc b/2014-001-patch.txt.asc
new file mode 100644
index 0000000..adefc75
Binary files /dev/null and b/2014-001-patch.txt.asc differ
diff --git a/krb5.spec b/krb5.spec
index 5bb72db..47da922 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -41,7 +41,7 @@
 Summary: The Kerberos network authentication system
 Name: krb5
 Version: 1.12.1
-Release: 13%{?dist}
+Release: 14%{?dist}
 # Maybe we should explode from the now-available-to-everybody tarball instead?
 # http://web.mit.edu/kerberos/dist/krb5/1.12/krb5-1.12.1-signed.tar
 Source0: krb5-%{version}.tar.gz
@@ -108,6 +108,8 @@ Patch146: krb5-1.12-CVE-2014-4341_4342.patch
 Patch147: krb5-1.12-CVE-2014-4341_4342-tests.patch
 Patch148: krb5-gssapi-mech-doublefree.patch
 Patch149: krb5-gssapi-spnego-deref.patch
+Patch150: http://web.mit.edu/kerberos/advisories/2014-001-patch.txt
+Patch151: http://web.mit.edu/kerberos/advisories/2014-001-patch.txt.asc
 Patch201: 0001-Don-t-try-to-stat-not-on-disk-ccache-residuals.patch
 Patch202: 0002-Use-an-in-memory-cache-until-we-need-the-target-s.patch
 Patch203: 0003-Learn-to-destroy-the-ccache-we-re-copying-from.patch
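Review bot: The detached signature is registered as `Patch151` but nothing visible checks it: the `%prep` hunk below applies only `%patch150`, so the `.asc` is carried in the SRPM without being used. Both URLs are plain `http://`, which leaves the signature as the only integrity anchor for the advisory patch. I would verify it in `%prep` before `%patch150` runs, for example with a `gpgv` call against a keyring shipped as a source, unless that already happens in a part of the spec outside these hunks. Listing the signature as a `Source` rather than a `Patch` would also keep it away from any tooling that applies every `PatchN` entry.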
@@ -364,6 +366,7 @@ ln -s NOTICE LICENSE
 %patch147 -p1 -b .CVE-2014-4341_4342
 %patch148 -p1 -b .gssapi-mech-doublefree
 %patch149 -p1 -b .gssapi-spnego-deref
+%patch150 -p1 -b .2014-001
 
 # Take the execute bit off of documentation.
 chmod -x doc/krb5-protocol/*.txt doc/ccapi/*.html
@@ -1040,6 +1043,9 @@ exit 0
 %{_sbindir}/uuserver
 
 %changelog
+* Thu Aug  7 2014 Nalin Dahyabhai <nalin at redhat.com> - 1.12.1-14
+- incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345)
+
 * Mon Jul 21 2014 Nalin Dahyabhai <nalin at redhat.com> - 1.12.1-13
 - gssapi: pull in upstream fix for a possible NULL dereference
   in spnego (CVE-2014-4344)

