packages/krb5
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix libkadm5 parameter leak

Browse Source 
(cherry picked from commit 0080fc269b163c87073f566a4cb0f68314357ef9)
This commit is contained in:
yanshuai01 2024-10-30 01:24:00 +08:00 committed by openeuler-sync-bot
parent 7681099d1f
commit 584a005af7
2 changed files with 38 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
fix-libkadm5-parameter-leak.patch Normal file
View File

@ -0,0 +1,33 @@
From f14651a9fe94aca2bc2569848d931e4ba7a318a7 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Fri, 11 Oct 2024 11:38:03 +0200
Subject: [PATCH] Fix libkadm5 parameter leak
Commit aa91cb5dbbd4356c7a9069f4f52a10f70d91bc00 added kadmind_listen,
kpasswd_listen, and iprop_listen fields to kadm5_config_params, but
did not add them to the fields freed in kadm5_free_config_params().
Add them now.
[ghudson@mit.edu: rewrote commit message]
---
src/lib/kadm5/alt_prof.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c
index e8c1f51..4eb840e 100644
--- a/src/lib/kadm5/alt_prof.c
+++ b/src/lib/kadm5/alt_prof.c
@@ -757,6 +757,9 @@ kadm5_free_config_params(krb5_context context, kadm5_config_params *params)
free(params->acl_file);
free(params->realm);
free(params->iprop_logfile);
+ free(params->iprop_listen);
+ free(params->kadmind_listen);
+ free(params->kpasswd_listen);
return 0;
}
--
2.27.0

6
krb5.spec
View File

@ -3,7 +3,7 @@
Name: krb5
Version: 1.21.2
Release: 9
Release: 10
Summary: The Kerberos network authentication protocol
License: MIT
URL: http://web.mit.edu/kerberos/www/
@ -39,6 +39,7 @@ Patch15: backport-Handle-empty-initial-buffer-in-IAKERB-initiator.patch
Patch16: backport-CVE-2024-37370-CVE-2024-37371-Fix-vulnerabilities-in-GSS-message-token-handling.patch
Patch17: backport-Change-krb5_get_credentials-endtime-behavior.patch
Patch18: backport-Fix-memory-leak-in-PAC-checksum-verification.patch
Patch19: fix-libkadm5-parameter-leak.patch
BuildRequires: gettext
BuildRequires: gcc make automake autoconf pkgconfig pam-devel libselinux-devel byacc
@ -337,6 +338,9 @@ make -C src check || :
%{_mandir}/man8/*
%changelog
* Wed Oct 30 2024 yanshuai <yanshuai@kylinos.cn> - 1.21.2-10
- Fix libkadm5 parameter leak
* Sun Oct 27 2024 zhangyaqi <zhangyaqi@kylinos.cn> - 1.21.2-9
- Fix memory leak in PAC checksum verification