mirror of
https://github.com/freebsd/freebsd-src
synced 2024-07-23 19:28:36 +00:00
![]() Apply upstream 22749e918 to fix a buffer overflow. Upstream notes: If len_len is equal to total_len - 1 (i.e. the input consists only of a 0x60 byte and a length), the expression 'total_len - 1 - len_len - 1', used as the 'len' parameter to der_get_length(), will overflow to SIZE_MAX. Then der_get_length() will proceed to read, unconstrained, whatever data follows in memory. Add a check to ensure that doesn't happen This is similar to samba CVE-2022-3437. Reported by: emaste Security: CVE-2022-41916 Obtained from: upstream 22749e918 MFC after: 1 week |
||
---|---|---|
.. | ||
admin | ||
appl | ||
base | ||
doc | ||
etc | ||
include | ||
kadmin | ||
kcm | ||
kdc | ||
kpasswd | ||
kuser | ||
lib | ||
tools | ||
acinclude.m4 | ||
aclocal.m4 | ||
autogen.sh | ||
ChangeLog | ||
ChangeLog.1998 | ||
ChangeLog.1999 | ||
ChangeLog.2000 | ||
ChangeLog.2001 | ||
ChangeLog.2002 | ||
ChangeLog.2003 | ||
ChangeLog.2004 | ||
ChangeLog.2005 | ||
ChangeLog.2006 | ||
compile | ||
config.guess | ||
config.sub | ||
configure | ||
FREEBSD-Xlist | ||
install-sh | ||
krb5.conf | ||
LICENSE | ||
ltmain.sh | ||
Makefile.am | ||
Makefile.am.common | ||
Makefile.in | ||
missing | ||
NEWS | ||
README |
Heimdal is a Kerberos 5 implementation. For information how to install see <http://www.h5l.org/compile.html>. There are briefer man pages for most of the commands. Bug reports and bugs are appreciated, see more under Bug reports in the manual on how we prefer them: <heimdal-bugs@h5l.org>. For more information see the web-page at <http://www.h5l.org/> or the mailing lists: heimdal-announce@sics.se low-volume announcement heimdal-discuss@sics.se high-volume discussion send a mail to heimdal-announce-request@sics.se and heimdal-discuss-request@sics.se respectively to subscribe.