diff options
author | Nalin Dahyabhai <nalin@fedoraproject.org> | 2006-08-18 16:50:54 +0000 |
---|---|---|
committer | Nalin Dahyabhai <nalin@fedoraproject.org> | 2006-08-18 16:50:54 +0000 |
commit | d859fd05565f48d18afd03324ec44aca2e6944db (patch) | |
tree | b1dfb941b845de4ef574fe1ded08fcf2d403e275 | |
parent | 2bc5a13d2a0da935e029a2b182be0884c5ed5abd (diff) | |
download | krb5-d859fd05565f48d18afd03324ec44aca2e6944db.tar.gz krb5-d859fd05565f48d18afd03324ec44aca2e6944db.tar.xz krb5-d859fd05565f48d18afd03324ec44aca2e6944db.zip |
- switch to the updated patch for MITKRB-SA-2006-001krb5-1_5-6
-rw-r--r-- | 2006-001-patch_1.5.txt | 27 | ||||
-rw-r--r-- | krb5.spec | 5 |
2 files changed, 17 insertions, 15 deletions
diff --git a/2006-001-patch_1.5.txt b/2006-001-patch_1.5.txt index cc7dca8..cc47dec 100644 --- a/2006-001-patch_1.5.txt +++ b/2006-001-patch_1.5.txt @@ -1,6 +1,6 @@ Index: appl/gssftp/ftpd/ftpd.c =================================================================== -*** appl/gssftp/ftpd/ftpd.c (revision 18419) +*** appl/gssftp/ftpd/ftpd.c (revision 18440) --- appl/gssftp/ftpd/ftpd.c (working copy) *************** *** 1367,1373 **** @@ -61,7 +61,7 @@ Index: appl/gssftp/ftpd/ftpd.c goto pasv_error; Index: appl/bsd/v4rcp.c =================================================================== -*** appl/bsd/v4rcp.c (revision 18419) +*** appl/bsd/v4rcp.c (revision 18440) --- appl/bsd/v4rcp.c (working copy) *************** *** 436,442 **** @@ -105,7 +105,7 @@ Index: appl/bsd/v4rcp.c Index: appl/bsd/krcp.c =================================================================== -*** appl/bsd/krcp.c (revision 18419) +*** appl/bsd/krcp.c (revision 18440) --- appl/bsd/krcp.c (working copy) *************** *** 620,626 **** @@ -159,7 +159,7 @@ Index: appl/bsd/krcp.c } Index: appl/bsd/login.c =================================================================== -*** appl/bsd/login.c (revision 18419) +*** appl/bsd/login.c (revision 18440) --- appl/bsd/login.c (working copy) *************** *** 1648,1654 **** @@ -183,7 +183,7 @@ Index: appl/bsd/login.c /* This call MUST succeed */ Index: appl/bsd/krshd.c =================================================================== -*** appl/bsd/krshd.c (revision 18419) +*** appl/bsd/krshd.c (revision 18440) --- appl/bsd/krshd.c (working copy) *************** *** 1403,1411 **** @@ -214,26 +214,25 @@ Index: appl/bsd/krshd.c char **findtz = environ; Index: clients/ksu/main.c =================================================================== -*** clients/ksu/main.c (revision 18419) +*** clients/ksu/main.c (revision 18440) --- clients/ksu/main.c (working copy) *************** -*** 892,900 **** - const char * cc_name; +*** 893,900 **** struct stat st_temp; -! krb5_seteuid(0); + krb5_seteuid(0); ! krb5_seteuid(target_uid); ! cc_name = krb5_cc_get_name(context, cc); if ( ! stat(cc_name, &st_temp)){ if ((retval = krb5_cc_destroy(context, cc))){ ---- 892,903 ---- - const char * cc_name; +--- 893,904 ---- struct stat st_temp; -! if (krb5_seteuid(0) < 0 || krb5_seteuid(target_uid) < 0) { + krb5_seteuid(0); +! if (krb5_seteuid(target_uid) < 0) { ! com_err(prog_name, errno, -! "while returning to source uid for destroying ccache"); +! "while changing to target uid for destroying ccache"); ! exit(1); ! } ! @@ -242,7 +241,7 @@ Index: clients/ksu/main.c if ((retval = krb5_cc_destroy(context, cc))){ Index: lib/krb4/kuserok.c =================================================================== -*** lib/krb4/kuserok.c (revision 18419) +*** lib/krb4/kuserok.c (revision 18440) --- lib/krb4/kuserok.c (working copy) *************** *** 159,167 **** @@ -10,7 +10,7 @@ Summary: The Kerberos network authentication system. Name: krb5 Version: 1.5 -Release: 5 +Release: 6 # Maybe we should explode from the now-available-to-everybody tarball instead? # http://web.mit.edu/kerberos/dist/krb5/1.5/krb5-1.5-signed.tar Source0: krb5-%{version}.tar.gz @@ -132,6 +132,9 @@ network uses Kerberos, this package should be installed on every workstation. %changelog +* Fri Aug 18 2006 Nalin Dahyabhai <nalin@redhat.com> - 1.5-6 +- switch to the updated patch for MITKRB-SA-2006-001 + * Tue Aug 8 2006 Nalin Dahyabhai <nalin@redhat.com> - 1.5-5 - apply patch to address MITKRB-SA-2006-001 (CVE-2006-3084) |