From: tlyu@mit.edu
Subject: git commit

Fix gssrpc data leakage [CVE-2014-9423] [MITKRB5-SA-2015-001]

In svcauth_gss_accept_sec_context(), do not copy bytes from the union
context into the handle field we send to the client.  We do not use
this handle field, so just supply a fixed string of "xxxx".

In gss_union_ctx_id_struct, remove the unused "interposer" field which
was causing part of the union context to remain uninitialized.

(cherry picked from commit 5bb8a6b9c9eb8dd22bc9526751610aaa255ead9c)

https://github.com/krb5/krb5/commit/23f9fc04f53b68a81fb46438f7d5948e7ac4ad2f
Author: Greg Hudson
Committer: Tom Yu
Commit: 23f9fc04f53b68a81fb46438f7d5948e7ac4ad2f
Branch: krb5-1.13
 src/lib/gssapi/mechglue/mglueP.h |  1 -
 src/lib/rpc/svc_auth_gss.c       | 25 ++-----------------------
 2 files changed, 2 insertions(+), 24 deletions(-)
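
The bug class the commit message describes, as an added example that is not code from krb5 or from this commit: a context struct with a never-assigned field is copied byte for byte into a handle sent to the peer, next to the fixed-string form. The struct layout, all function names and the 0xA5 "stale heap" fill are assumptions made so the result is deterministic.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define STALE 0xA5  /* constructed stand-in for leftover heap contents */

/* Hypothetical context layout; not the real gss_union_ctx_id_struct. */
struct demo_ctx {
    uint32_t loopback;    /* assigned by ctx_create() */
    uint32_t mech_id;     /* assigned by ctx_create() */
    uint32_t internal;    /* assigned by ctx_create() */
    uint32_t interposer;  /* unused: never assigned, keeps stale bytes */
};

/* Allocate a context the way malloc() may hand back recycled memory. */
struct demo_ctx *ctx_create(void) {
    struct demo_ctx *c = malloc(sizeof *c);
    if (c == NULL) return NULL;
    memset(c, STALE, sizeof *c);   /* simulate previous heap contents */
    c->loopback = 1; c->mech_id = 2; c->internal = 3;
    return c;                      /* interposer is left untouched */
}

/* Before: the handle is a raw copy of the context bytes. */
size_t build_handle_leaky(const struct demo_ctx *c, unsigned char *out, size_t cap) {
    if (cap < sizeof *c) return 0;
    memcpy(out, c, sizeof *c);     /* stale bytes travel with it */
    return sizeof *c;
}

/* After: the handle is unused by the server, so send a constant. */
size_t build_handle_fixed(unsigned char *out, size_t cap) {
    if (cap < 4) return 0;
    memcpy(out, "xxxx", 4);
    return 4;
}

/* Count bytes in an outbound buffer that came from stale memory. */
size_t count_stale(const unsigned char *buf, size_t len) {
    size_t n = 0;
    for (size_t i = 0; i < len; i++) if (buf[i] == STALE) n++;
    return n;
}

int main(void) {
    unsigned char wire[64];
    struct demo_ctx *c = ctx_create();
    if (c == NULL) return 1;
    size_t n = build_handle_leaky(c, wire, sizeof wire);
    printf("leaky handle: %zu bytes, %zu stale\n", n, count_stale(wire, n));
    n = build_handle_fixed(wire, sizeof wire);
    printf("fixed handle: %zu bytes, %zu stale\n", n, count_stale(wire, n));
    free(c);
    return 0;
}
```

Zero-initializing the allocation would clear the stale bytes but still expose whatever the assigned fields hold, which is why sending a constant is the stronger fix when the handle is not used.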