From ec9ba12ea871a9a5eb70279c4cb54b9001fa3d10 Mon Sep 17 00:00:00 2001
From: Cy Schubert
Date: Wed, 4 Apr 2007 21:12:17 +0000
Subject: MIT KRB5 Security patches: 1. MIT krb5 Security Advisory 2007-001: Telnetd allows login as arbitrary user CVE: CVE-2007-0956 CERT: VU#220816 2. MIT krb5 Security Advisory 2007-002: KDC, kadmind stack overflow in krb5_klog_syslog CVE: CVE-2007-0957 CERT: VU#704024
---
security/krb5-16/files/patch-kdc-kdc_util.c | 10 ++++++++++
1 file changed, 10 insertions(+)
create mode 100644 security/krb5-16/files/patch-kdc-kdc_util.c
(limited to 'security/krb5-16/files/patch-kdc-kdc_util.c')
diff --git a/security/krb5-16/files/patch-kdc-kdc_util.c b/security/krb5-16/files/patch-kdc-kdc_util.c
new file mode 100644
index 000000000000..7ace820c79c0
--- /dev/null
+++ b/security/krb5-16/files/patch-kdc-kdc_util.c
@@ -0,0 +1,10 @@
+--- kdc/kdc_util.c.orig Wed Oct 11 17:33:12 2006
++++ kdc/kdc_util.c Wed Apr 4 13:53:04 2007
+@@ -404,6 +404,7 @@
+
+ krb5_db_free_principal(kdc_context, &server, nprincs);
+ if (!krb5_unparse_name(kdc_context, ticket->server, &sname)) {
++ limit_string(sname);
+ krb5_klog_syslog(LOG_ERR,"TGS_REQ: UNKNOWN SERVER: server='%s'",
+ sname);
+ free(sname);
-- cgit v1.2.3
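Review bot: Truncating `sname` at this one call site only protects the logger if every other caller that passes request-derived strings to `krb5_klog_syslog` does the same. The commit message places the overflow in `krb5_klog_syslog` itself, so the durable fix is a length-bounded format inside the logger; this page is limited to one file, so that change may exist elsewhere in the commit and should be confirmed. The added line would also benefit from a comment recording why it is there, for example `/* sname is built from the request's ticket->server; bound its length before logging (MIT krb5 SA 2007-002) */`. How `limit_string` truncates is not visible here, and the enclosing function starts and ends outside the hunk.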