author | Nalin Dahyabhai <nalin@dahyabhai.net> | 2012-06-13 18:16:35 -0400 |
---|---|---|
committer | Nalin Dahyabhai <nalin@dahyabhai.net> | 2012-06-13 18:16:35 -0400 |
commit | 2598de5d470bfcc4dc85dbf57a1dcc4fc4839cd7 (patch) | |
tree | 8183b82c17d21105ae8cb5414109f82b3f71d6ad | |
parent | 1c3aace857b9a734c24a13b452c4f8d4146a214b (diff) | |
don't need this backport any more krb5-1.10.2-2.fc17
-rw-r--r-- | krb5-kadmind-null-password.patch | 33 |
1 files changed, 0 insertions, 33 deletions
diff --git a/krb5-kadmind-null-password.patch b/krb5-kadmind-null-password.patch
deleted file mode 100644
index b64f43f..0000000
--- a/krb5-kadmind-null-password.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-commit c5be6209311d4a8f10fda37d0d3f876c1b33b77b
-Author: Richard Basch <basch@alum.mit.edu>
-Date: Tue May 29 14:07:03 2012 -0400
-
- Null pointer deref in kadmind [CVE-2012-1013]
-
- The fix for #6626 could cause kadmind to dereference a null pointer if
- a create-principal request contains no password but does contain the
- KRB5_KDB_DISALLOW_ALL_TIX flag (e.g. "addprinc -randkey -allow_tix
- name"). Only clients authorized to create principals can trigger the
- bug. Fix the bug by testing for a null password in check_1_6_dummy.
-
- CVSSv2 vector: AV:N/AC:M/Au:S/C:N/I:N/A:P/E:H/RL:O/RC:C
-
- [ghudson@mit.edu: Minor style change and commit message]
-
- ticket: 7152
- target_version: 1.10.2
- tags: pullup
-
-diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
-index a0b110d..f5ea005 100644
---- a/src/lib/kadm5/srv/svr_principal.c
-+++ b/src/lib/kadm5/srv/svr_principal.c
-@@ -186,7 +186,7 @@ check_1_6_dummy(kadm5_principal_ent_t entry, long mask,
- char *password = *passptr;
-
- /* Old-style randkey operations disallowed tickets to start. */
-- if (!(mask & KADM5_ATTRIBUTES) ||
-+ if (password == NULL || !(mask & KADM5_ATTRIBUTES) ||
- !(entry->attributes & KRB5_KDB_DISALLOW_ALL_TIX))
- return;
- |