author | Nalin Dahyabhai <nalin@redhat.com> | 2014-07-21 17:51:10 -0400 |
---|---|---|
committer | Nalin Dahyabhai <nalin@redhat.com> | 2014-07-21 17:51:10 -0400 |
commit | 38595f53381faf231f9b15481752f3de93420107 (patch) | |
tree | 6e95a8d2318b1e59e46ffdf7ba529057c0859894 /krb5.spec | |
parent | 24f7f1a446d6ce08196f0796e6a343c85cf94799 (diff) | |
download | krb5-38595f53381faf231f9b15481752f3de93420107.tar.gz krb5-38595f53381faf231f9b15481752f3de93420107.tar.xz krb5-38595f53381faf231f9b15481752f3de93420107.zip |
Add patch for CVE-2014-4344
krb5-1.12.1-13.fc22
- gssapi: pull in upstream fix for a possible NULL dereference
in spnego (CVE-2014-4344)
Diffstat (limited to 'krb5.spec')
-rw-r--r-- | krb5.spec | 8 |
1 files changed, 7 insertions, 1 deletions
@@ -41,7 +41,7 @@ Summary: The Kerberos network authentication system Name: krb5 Version: 1.12.1 -Release: 12%{?dist} +Release: 13%{?dist} # Maybe we should explode from the now-available-to-everybody tarball instead? # http://web.mit.edu/kerberos/dist/krb5/1.12/krb5-1.12.1-signed.tar Source0: krb5-%{version}.tar.gz @@ -107,6 +107,7 @@ Patch145: krb5-master-mechd.patch Patch146: krb5-1.12-CVE-2014-4341_4342.patch Patch147: krb5-1.12-CVE-2014-4341_4342-tests.patch Patch148: krb5-gssapi-mech-doublefree.patch +Patch149: krb5-gssapi-spnego-deref.patch Patch201: 0001-Don-t-try-to-stat-not-on-disk-ccache-residuals.patch Patch202: 0002-Use-an-in-memory-cache-until-we-need-the-target-s.patch Patch203: 0003-Learn-to-destroy-the-ccache-we-re-copying-from.patch @@ -362,6 +363,7 @@ ln -s NOTICE LICENSE %patch146 -p1 -b .CVE-2014-4341_4342 %patch147 -p1 -b .CVE-2014-4341_4342 %patch148 -p1 -b .gssapi-mech-doublefree +%patch149 -p1 -b .gssapi-spnego-deref # Take the execute bit off of documentation. chmod -x doc/krb5-protocol/*.txt doc/ccapi/*.html @@ -1038,6 +1040,10 @@ exit 0 %{_sbindir}/uuserver %changelog +* Mon Jul 21 2014 Nalin Dahyabhai <nalin@redhat.com> - 1.12.1-13 +- gssapi: pull in upstream fix for a possible NULL dereference + in spnego (CVE-2014-4344) + * Wed Jul 16 2014 Nalin Dahyabhai <nalin@redhat.com> - 1.12.1-12 - gssapi: pull in proposed fix for a double free in initiators (David Woodhouse, CVE-2014-4343, #1117963) |
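Review bot: The new Patch149 line in the second hunk names the file krb5-gssapi-spnego-deref.patch without the CVE identifier, while Patch146 and Patch147 just above it carry theirs in the filename (krb5-1.12-CVE-2014-4341_4342.patch). A comment line above Patch149 naming CVE-2014-4344 and the upstream commit it was taken from would let the spec be searched by CVE id without reading the changelog. The diffstat shown here is limited to krb5.spec, so the patch file itself is not visible; confirm it is added in the same commit, because the matching %patch149 line in the third hunk depends on it.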
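Review bot: The new %changelog entry in the last hunk cites CVE-2014-4344 but no bug number, whereas the 1.12.1-12 entry directly below it includes one (#1117963). If a tracking bug exists for this CVE, add it to the entry in the same form. Since the entry describes this as an upstream fix, the upstream commit id would also help a reader verify the backport against its source.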