rpms/krb5/F-7 CVE-2007-3999-2.patch,NONE,1.1 krb5.spec,1.114,1.115

Nalin Somabhai Dahyabhai (nalin) fedora-extras-commits at redhat.com
Thu Sep 6 20:08:18 UTC 2007 

Author: nalin

Update of /cvs/pkgs/rpms/krb5/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15967

Modified Files:
	krb5.spec 
Added Files:
	CVE-2007-3999-2.patch 
Log Message:
- incorporate updated fix for CVE-2007-3999

CVE-2007-3999-2.patch:

--- NEW FILE CVE-2007-3999-2.patch ---
*** src/lib/rpc/svc_auth_gss.c	(revision 20474)
--- src/lib/rpc/svc_auth_gss.c	(local)
***************
*** 355,360 ****
--- 355,369 ----
  	memset(rpchdr, 0, sizeof(rpchdr));
  
  	/* XXX - Reconstruct RPC header for signing (from xdr_callmsg). */
+ 	oa = &msg->rm_call.cb_cred;
+ 	if (oa->oa_length > MAX_AUTH_BYTES)
+ 		return (FALSE);
+ 
+ 	/* 8 XDR units from the IXDR macro calls. */
+ 	if (sizeof(rpchdr) < (8 * BYTES_PER_XDR_UNIT +
+ 			      RNDUP(oa->oa_length)))
+ 		return (FALSE);
+ 
  	buf = (int32_t *)(void *)rpchdr;
  	IXDR_PUT_LONG(buf, msg->rm_xid);
  	IXDR_PUT_ENUM(buf, msg->rm_direction);
***************
*** 362,368 ****
  	IXDR_PUT_LONG(buf, msg->rm_call.cb_prog);
  	IXDR_PUT_LONG(buf, msg->rm_call.cb_vers);
  	IXDR_PUT_LONG(buf, msg->rm_call.cb_proc);
- 	oa = &msg->rm_call.cb_cred;
  	IXDR_PUT_ENUM(buf, oa->oa_flavor);
  	IXDR_PUT_LONG(buf, oa->oa_length);
  	if (oa->oa_length) {
--- 371,376 ----


Index: krb5.spec
===================================================================
RCS file: /cvs/pkgs/rpms/krb5/F-7/krb5.spec,v
retrieving revision 1.114
retrieving revision 1.115
diff -u -r1.114 -r1.115
--- krb5.spec	4 Sep 2007 18:10:20 -0000	1.114
+++ krb5.spec	6 Sep 2007 20:07:45 -0000	1.115
@@ -11,7 +11,7 @@
 Summary: The Kerberos network authentication system.
 Name: krb5
 Version: 1.6.1
-Release: 3%{?dist}
+Release: 4%{?dist}
 # Maybe we should explode from the now-available-to-everybody tarball instead?
 # http://web.mit.edu/kerberos/dist/krb5/1.5/krb5-1.5-signed.tar
 Source0: krb5-%{version}.tar.gz
@@ -77,7 +77,7 @@
 Patch55: krb5-1.6.1-empty.patch
 Patch56: krb5-1.6.1-get_opt_fixup.patch
 Patch57: krb5-1.6.1-ftp-nospew.patch
-Patch58: CVE-2007-3999.patch
+Patch58: CVE-2007-3999-2.patch
 Patch59: CVE-2007-4000.patch
 
 Patch62: krb5-any-fixup-patch.txt
@@ -198,6 +198,10 @@
 %endif
 
 %changelog
+* Thu Sep  6 2007 Nalin Dahyabhai <nalin at redhat.com> 1.6.1-4
+- incorporate updated fix for CVE-2007-3999
+- fix incorrect call to "test" in the kadmin init script
+
 * Tue Sep  4 2007 Nalin Dahyabhai <nalin at redhat.com> 1.6.1-3
 - incorporate fixes for MITKRB5-SA-2007-006 (CVE-2007-3999, CVE-2007-4000)
 
@@ -1147,7 +1151,7 @@
 #%patch55 -p1 -b .empty
 %patch56 -p0 -b .get_opt_fixup
 %patch57 -p1 -b .ftp-nospew
-%patch58 -p0 -b .2007-3999
+%patch58 -p0 -b .2007-3999-2
 %patch59 -p0 -b .2007-4000
 %patch70 -p0 -b .2007-004
 %patch71 -p0 -b .2007-005

More information about the fedora-extras-commits mailing list