[go: nahoru, domu]
Skip to content

Commit

Permalink
Submitted by: Tomas Hoger <thoger@redhat.com>
Browse files Browse the repository at this point in the history 
Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
  • Loading branch information
@snhenson
snhenson committed Mar 3, 2010
1 parent 2c772c8 commit cca1cd9
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 0 deletions.
6 changes: 6 additions & 0 deletions CHANGES
View file
Original file line number Diff line number Diff line change
Expand Up @@ -909,6 +909,12 @@

*) Change 'Configure' script to enable Camellia by default.
[NTT]

Changes between 0.9.8m and 0.9.8n [xx XXX xxxx]

*) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
[Tomas Hoger <thoger@redhat.com>]

Changes between 0.9.8l and 0.9.8m [xx XXX xxxx]

Expand Down
3 changes: 3 additions & 0 deletions ssl/kssl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1803,6 +1803,9 @@ kssl_ctx_show(KSSL_CTX *kssl_ctx)
kssl_ctx->service_name ? kssl_ctx->service_name: KRB5SVC,
KRB5_NT_SRV_HST, &princ);

if (krb5rc)
goto exit;

krb5rc = krb5_kt_get_entry(krb5context, krb5keytab,
princ,
0 /* IGNORE_VNO */,
Expand Down

0 comments on commit cca1cd9

Please sign in to comment.