diff options
author | Renato Botelho <renato@netgate.com> | 2017-07-12 13:43:16 -0300 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2017-07-12 13:43:16 -0300 |
commit | 8711269788b3bd5ce2873fa580c80d7d393ae186 (patch) | |
tree | dbeba1faf96d02c58a6488da70fba1058ac4ac62 | |
parent | 9b57f5336c3e809f8f29d5ba2a8652619cdd18d0 (diff) | |
parent | 348f5311d13a14a86bd5e73cfac8ac707498b87c (diff) | |
download | FreeBSD-src-8711269788b3bd5ce2873fa580c80d7d393ae186.zip FreeBSD-src-8711269788b3bd5ce2873fa580c80d7d393ae186.tar.gz |
Merge remote-tracking branch 'origin/releng/11.0' into RELENG_2_4
-rw-r--r-- | UPDATING | 6 | ||||
-rw-r--r-- | crypto/heimdal/lib/krb5/ticket.c | 4 | ||||
-rw-r--r-- | sys/conf/newvers.sh | 2 |
3 files changed, 8 insertions, 4 deletions
@@ -16,7 +16,11 @@ from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to the tip of head, and then rebuild without this option. The bootstrap process from older version of current across the gcc/clang cutover is a bit fragile. -20170427 p10 FreeBSD-SA-17:04.ipfilter +20170712 p11 FreeBSD-SA-17:05.heimdal + + Fix heimdal KDC-REP service name validation vulnerability. + +20170427 p10 FreeBSD-SA-17:04.ipfilter Fix ipfilter(4) fragment handling panic. [SA-17:04] diff --git a/crypto/heimdal/lib/krb5/ticket.c b/crypto/heimdal/lib/krb5/ticket.c index 4845a93..5b6eabe 100644 --- a/crypto/heimdal/lib/krb5/ticket.c +++ b/crypto/heimdal/lib/krb5/ticket.c @@ -713,8 +713,8 @@ _krb5_extract_ticket(krb5_context context, /* check server referral and save principal */ ret = _krb5_principalname2krb5_principal (context, &tmp_principal, - rep->kdc_rep.ticket.sname, - rep->kdc_rep.ticket.realm); + rep->enc_part.sname, + rep->enc_part.srealm); if (ret) goto out; if((flags & EXTRACT_TICKET_ALLOW_SERVER_MISMATCH) == 0){ diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 7314fb6..d323326 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="11.0" -BRANCH="RELEASE-p10" +BRANCH="RELEASE-p11" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi |