mirror of
https://github.com/openssl/openssl.git
synced 2025-02-17 14:32:04 +08:00
Submitted by: Tomas Hoger <thoger@redhat.com>
Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL could be crashed if the relevant tables were not present (e.g. chrooted).
This commit is contained in:
Dr. Stephen Henson
parent
2c772c8700
commit
cca1cd9a34
6
CHANGES
6
CHANGES
@ -909,6 +909,12 @@
|
|||||||
|
|
||||||
*) Change 'Configure' script to enable Camellia by default.
|
*) Change 'Configure' script to enable Camellia by default.
|
||||||
[NTT]
|
[NTT]
|
||||||
|
|
||||||
|
Changes between 0.9.8m and 0.9.8n [xx XXX xxxx]
|
||||||
|
|
||||||
|
*) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
|
||||||
|
could be crashed if the relevant tables were not present (e.g. chrooted).
|
||||||
|
[Tomas Hoger <thoger@redhat.com>]
|
||||||
|
|
||||||
Changes between 0.9.8l and 0.9.8m [xx XXX xxxx]
|
Changes between 0.9.8l and 0.9.8m [xx XXX xxxx]
|
||||||
|
|
||||||
|
|||||||
@ -1803,6 +1803,9 @@ kssl_ctx_show(KSSL_CTX *kssl_ctx)
|
|||||||
kssl_ctx->service_name ? kssl_ctx->service_name: KRB5SVC,
|
kssl_ctx->service_name ? kssl_ctx->service_name: KRB5SVC,
|
||||||
KRB5_NT_SRV_HST, &princ);
|
KRB5_NT_SRV_HST, &princ);
|
||||||
|
|
||||||
|
if (krb5rc)
|
||||||
|
goto exit;
|
||||||
|
|
||||||
krb5rc = krb5_kt_get_entry(krb5context, krb5keytab,
|
krb5rc = krb5_kt_get_entry(krb5context, krb5keytab,
|
||||||
princ,
|
princ,
|
||||||
0 /* IGNORE_VNO */,
|
0 /* IGNORE_VNO */,
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user