aboutsummaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-connectivity/krb5/krb5/krb5-CVE-2016-3119.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-oe/recipes-connectivity/krb5/krb5/krb5-CVE-2016-3119.patch')
-rw-r--r--meta-oe/recipes-connectivity/krb5/krb5/krb5-CVE-2016-3119.patch36
1 files changed, 0 insertions, 36 deletions
diff --git a/meta-oe/recipes-connectivity/krb5/krb5/krb5-CVE-2016-3119.patch b/meta-oe/recipes-connectivity/krb5/krb5/krb5-CVE-2016-3119.patch
deleted file mode 100644
index 67fefed898..0000000000
--- a/meta-oe/recipes-connectivity/krb5/krb5/krb5-CVE-2016-3119.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Subject: kerb: Fix LDAP null deref on empty arg [CVE-2016-3119]
-From: Greg Hudson
-
-In the LDAP KDB module's process_db_args(), strtok_r() may return NULL
-if there is an empty string in the db_args array. Check for this case
-and avoid dereferencing a null pointer.
-
-CVE-2016-3119:
-
-In MIT krb5 1.6 and later, an authenticated attacker with permission
-to modify a principal entry can cause kadmind to dereference a null
-pointer by supplying an empty DB argument to the modify_principal
-command, if kadmind is configured to use the LDAP KDB module.
-
- CVSSv2 Vector: AV:N/AC:H/Au:S/C:N/I:N/A:C/E:H/RL:OF/RC:ND
-
-ticket: 8383 (new)
-target_version: 1.14-next
-target_version: 1.13-next
-tags: pullup
-
-Upstream-Status: Backport
-
-Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
-Index: krb5-1.13.2/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
-===================================================================
---- krb5-1.13.2.orig/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 2015-05-09 07:27:02.000000000 +0800
-+++ krb5-1.13.2/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 2016-04-11 15:17:12.874140518 +0800
-@@ -267,6 +267,7 @@
- if (db_args) {
- for (i=0; db_args[i]; ++i) {
- arg = strtok_r(db_args[i], "=", &arg_val);
-+ arg = (arg != NULL) ? arg : "";
- if (strcmp(arg, TKTPOLICY_ARG) == 0) {
- dptr = &xargs->tktpolicydn;
- } else {