pull up r23832 from trunk ------------------------------------------------------------------------ r23832 | tlyu | 2010-03-23 14:53:52 -0400 (Tue, 23 Mar 2010) | 8 lines ticket: 6690 target_version: 1.8.1 tags: pullup subject: MITKRB5-SA-2010-002 CVE-2010-0628 denial of service in SPNEGO The SPNEGO implementation in krb5-1.7 and later could crash due to assertion failure when receiving some sorts of invalid GSS-API tokens. https://github.com/krb5/krb5/commit/9c0f73bd27b7778435f32e8c5dbec97ffb00109e Commit By: tlyu Revision: 23850 Changed Files: U branches/krb5-1-7/src/lib/gssapi/spnego/spnego_mech.c