Skip Menu |

Subject: SVN Commit

pull up r23832 from trunk

r23832 | tlyu | 2010-03-23 14:53:52 -0400 (Tue, 23 Mar 2010) | 8 lines

ticket: 6690
target_version: 1.8.1
tags: pullup
subject: MITKRB5-SA-2010-002 CVE-2010-0628 denial of service in SPNEGO

The SPNEGO implementation in krb5-1.7 and later could crash due to
assertion failure when receiving some sorts of invalid GSS-API tokens.
Commit By: tlyu
Revision: 23850
Changed Files:
U branches/krb5-1-7/src/lib/gssapi/spnego/spnego_mech.c