Changeset 29e27d02


Timestamp: 10/18/2021 10:18:34 PM (3 years ago)
Author: Douglas R. Reno <renodr@…>
Branches: 11.1, 11.2, 11.3, 12.0, 12.1, 12.2, gimp3, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, lazarus, lxqt, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, trunk, upgradedb, xry111/for-12.3, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/spidermonkey128, xry111/test-20220226, xry111/xf86-video-removal
Children: acb648f
Parents: 8422a12
Message:

Fix CVE-2021-37750 in MIT Kerberos 5. Suggested in the Samba 4.15.0
release notes.

Files: 2 edited

  • introduction/welcome/changelog.xml

    r8422a12 r29e27d02  
    4646      <itemizedlist>
    4747        <listitem>
     48          <para>[renodr] - Fix CVE-2021-37750 in MIT krb5 per the suggestion in
     49          the Samba release notes for 4.15.0.</para>
     50        </listitem>
     51        <listitem>
    4852          <para>[renodr] - Update to mercurial-5.9.2. Fixes
    4953          <ulink url="&blfs-ticket-root;15646">#15646</ulink>.</para>
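Review bot: the new changelog entry at new lines 48-49 names the CVE but carries no link, whereas the mercurial entry directly below it points at its ticket with a <ulink>. It also omits the impact, which the mitkrb.xml change in this same changeset describes as a denial-of-service vulnerability. Suggest adding "denial-of-service" to the entry and linking a ticket or advisory, so someone reading the changelog can judge whether an already-installed krb5 needs rebuilding.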
  • postlfs/security/mitkrb.xml

    r8422a12 r29e27d02  
    109109  <sect2 role="installation">
    110110    <title>Installation of MIT Kerberos V5</title>
     111
     112    <para>
     113      First, fix a denial-of-service security vulnerability:
     114      <!-- CVE-2021-37750, mentioned in Samba release notes for 4.15.0. -->
     115    </para>
     116
     117<screen><userinput remap="pre">sed -i '210a if (sprinc == NULL) {\
     118       status = "NULL_SERVER";\
     119       errcode = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;\
     120       goto cleanup;\
     121       }' src/kdc/do_tgs_req.c</userinput></screen>
    111122
    112123    <para>
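Review bot: the sed at new lines 117-121 appends the NULL check after line 210 of src/kdc/do_tgs_req.c purely by line number, and nothing verifies that line 210 is still the intended place. If the packaged krb5 version changes and the file shifts, `sed -i '210a ...'` will still exit successfully and insert the block somewhere else, either breaking the build or leaving the check where it no longer protects the `sprinc` use. Suggest shipping the fix as a patch file, or anchoring the sed on a source pattern, so that a mismatch fails visibly. Two smaller points: the CVE id appears only in the XML comment at new line 114, so the rendered page never tells the reader which vulnerability is being fixed, and the comment should say at which krb5 version this step can be dropped.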