Changeset 29e27d02


Timestamp:
10/18/2021 10:18:34 PM (6 weeks ago)
Author:
Douglas R. Reno <renodr@…>
Branches:
trunk
Children:
acb648f
Parents:
8422a12
Message:

Fix CVE-2021-37750 in MIT Kerberos 5. Suggested in the Samba 4.15.0
release notes.

Files:
2 edited

  • introduction/welcome/changelog.xml

    r8422a12 r29e27d02  
    4646      <itemizedlist>
    4747        <listitem>
     48          <para>[renodr] - Fix CVE-2021-37750 in MIT krb5 per the suggestion in
     49          the Samba release notes for 4.15.0.</para>
     50        </listitem>
     51        <listitem>
    4852          <para>[renodr] - Update to mercurial-5.9.2. Fixes
    4953          <ulink url="&blfs-ticket-root;15646">#15646</ulink>.</para>
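Review bot: The new changelog entry (new lines 48-49) names CVE-2021-37750 but carries no ticket or advisory link, unlike the mercurial entry directly below it, which points at `&blfs-ticket-root;15646`. Consider adding a `<ulink>` to a tracking ticket or to the advisory so a reader can tell from the changelog alone which krb5 builds need to be redone.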
  • postlfs/security/mitkrb.xml

    r8422a12 r29e27d02  
    109109  <sect2 role="installation">
    110110    <title>Installation of MIT Kerberos V5</title>
     111
     112    <para>
     113      First, fix a denial-of-service security vulnerability:
     114      <!-- CVE-2021-37750, mentioned in Samba release notes for 4.15.0. -->
     115    </para>
     116
     117<screen><userinput remap="pre">sed -i '210a if (sprinc == NULL) {\
     118       status = "NULL_SERVER";\
     119       errcode = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;\
     120       goto cleanup;\
     121       }' src/kdc/do_tgs_req.c</userinput></screen>
    111122
    112123    <para>
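Review bot: The sed at new lines 117-121 places the NULL check by absolute position (`210a`) in src/kdc/do_tgs_req.c, so it is only correct for the exact source revision the page targets; on any other revision it still exits 0 and drops the block in the wrong place, and the user gets no signal that the fix was not applied where intended. Suggest anchoring the insertion on a pattern in the file instead of a line number, or shipping the change as a patch file so a mismatch fails loudly, and following it with a grep for `NULL_SERVER` as a check. Separately, the CVE id appears only inside the XML comment at new line 114, so the rendered text says no more than "denial-of-service"; moving CVE-2021-37750 into the visible `<para>` would let readers look it up.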