mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 05:49:57 +00:00
Wenzong Fan
000b5f2941
lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call. Backport upstream commit to fix it: https://github.com/krb5/krb5/commit/b51b33f2bc5d1497ddf5bd107f791c101695000d Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
This layer depends on: URI: git://github.com/openembedded/oe-core.git branch: jethro revision: HEAD Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-oe][jethro]' in the subject' When sending single patches, please use something like: 'git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix=meta-oe][jethro][PATCH' You are encouraged to fork the mirror on github https://github.com/openembedded/meta-oe/ to share your patches, this is preferred for patch sets consisting of more than one patch. Other services like gitorious, repo.or.cz or self hosted setups are of course accepted as well, 'git fetch <remote>' works the same on all of them. We recommend github because it is free, easy to use, has been proven to be reliable and has a really good web GUI. Jethro Branch Maintainer: Armin Kuster <akuster808@gmail.com>