Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.427 (Entity 5.427)
From: tlyu@mit.edu
Subject: SVN Commit
X-RT-Original-Encoding: iso-8859-1
Content-Length: 1015

pull up r24622 from trunk, minus the fix for CVE-2011-0283, which is
only applicable to krb5-1.9 and later.

------------------------------------------------------------------------
r24622 | tlyu | 2011-02-09 15:25:08 -0500 (Wed, 09 Feb 2011) | 10 lines

ticket: 6860
subject: KDC denial of service attacks [MITKRB5-SA-2011-002 CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]
tags: pullup
target_version: 1.9.1

[CVE-2011-0281 CVE-2011-0282] Fix some LDAP back end principal name
handling that could cause the KDC to hang or crash.

[CVE-2011-0283] Fix a KDC null pointer dereference introduced in krb5-1.9.

https://github.com/krb5/krb5/commit/76d7f2223230a9ead7c8cc50816138a8abc73820
Commit By: tlyu
Revision: 24626
Changed Files:
U branches/krb5-1-8/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.h
U branches/krb5-1-8/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c
U branches/krb5-1-8/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
U branches/krb5-1-8/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c