krb5.git - MIT Kerberos patches

diff options

author	Tom Yu <tlyu@mit.edu>	2009-04-07 21:22:17 +0000
committer	Tom Yu <tlyu@mit.edu>	2009-04-07 21:22:17 +0000
commit	19b0ab4fae79371e1ccdba38f262b3aa05c20a80 (patch)
tree	e336563ab953e990f42d152ce5df53dd6b43708d /src/patchlevel.h
parent	8241f4980a11b5494377de4f30992d5a5debca95 (diff)
download	krb5-19b0ab4fae79371e1ccdba38f262b3aa05c20a80.tar.gz krb5-19b0ab4fae79371e1ccdba38f262b3aa05c20a80.tar.xz krb5-19b0ab4fae79371e1ccdba38f262b3aa05c20a80.zip

CVE-2009-0844 SPNEGO can read beyond buffer end

SPNEGO can read beyond the end of a buffer if the claimed DER length exceeds the number of bytes in the input buffer. This can lead to crash or information disclosure. Thanks to Apple for reporting this vulnerability and providing patches. ticket: 6443 tags: pullup target_version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22174 dc483132-0cff-0310-8789-dd5450dbe970

Diffstat (limited to 'src/patchlevel.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: