diff options
| author |   Sam James <sam@gentoo.org> | 2021-12-29 08:45:39 +0000 |
|---|---|---|
| committer | Sam James <sam@gentoo.org> | 2021-12-29 08:46:42 +0000 |
| commit | 433bedfe250303e35202bcaacc054a157e409a57 (patch) | |
| tree | 4039f5ca132423b449a3e4d57fefcab11e3349c5 /www-apache | |
| parent | app-editors/jedit: EAPI 8 (diff) | |
| download | gentoo-433bedfe250303e35202bcaacc054a157e409a57.tar.gz gentoo-433bedfe250303e35202bcaacc054a157e409a57.tar.bz2 gentoo-433bedfe250303e35202bcaacc054a157e409a57.zip | |
www-apache/mod_auth_kerb: add use-after-free patch
Closes: https://bugs.gentoo.org/673066
Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'www-apache')
| -rw-r--r-- | www-apache/mod_auth_kerb/files/mod_auth_kerb-5.4-krb5pwd-double-free.patch | 22 | ||||
| -rw-r--r-- | www-apache/mod_auth_kerb/mod_auth_kerb-5.4-r5.ebuild (renamed from www-apache/mod_auth_kerb/mod_auth_kerb-5.4-r4.ebuild) | 5 |
2 files changed, 26 insertions, 1 deletions
diff --git a/www-apache/mod_auth_kerb/files/mod_auth_kerb-5.4-krb5pwd-double-free.patch b/www-apache/mod_auth_kerb/files/mod_auth_kerb-5.4-krb5pwd-double-free.patch new file mode 100644 index 000000000000..aa8ced49c103 --- /dev/null +++ b/www-apache/mod_auth_kerb/files/mod_auth_kerb-5.4-krb5pwd-double-free.patch @@ -0,0 +1,22 @@ +https://sources.debian.org/src/libapache-mod-auth-kerb/5.4-2.5/debian/patches/mod_auth_kerb-krb5_kt_close.patch/ +https://bugs.gentoo.org/673066 + +Description: fix use after free in authenticate_user_krb5pwd() +Origin: https://sourceforge.net/p/modauthkerb/bugs/61/attachment/mod_auth_kerb-krb5_kt_close.patch +Bug: https://sourceforge.net/p/modauthkerb/bugs/61/ +Bug-Debian: https://bugs.debian.org/934043 +Author: Johan Ymerson (https://sourceforge.net/u/ymerson/) +--- a/src/mod_auth_kerb.c ++++ b/src/mod_auth_kerb.c +@@ -799,11 +799,9 @@ + "failed to verify krb5 credentials: %s", + krb5_get_err_text(context, ret)); + krb5_kt_end_seq_get(context, keytab, &cursor); +- krb5_kt_close(context, keytab); + goto end; + } + krb5_kt_end_seq_get(context, keytab, &cursor); +- krb5_kt_close(context, keytab); + } + else { + if ((ret = verify_krb5_init_creds(r, context, &creds, server, keytab))) { diff --git a/www-apache/mod_auth_kerb/mod_auth_kerb-5.4-r4.ebuild b/www-apache/mod_auth_kerb/mod_auth_kerb-5.4-r5.ebuild index c8e1b13352e1..59a03c89f542 100644 --- a/www-apache/mod_auth_kerb/mod_auth_kerb-5.4-r4.ebuild +++ b/www-apache/mod_auth_kerb/mod_auth_kerb-5.4-r5.ebuild @@ -37,6 +37,8 @@ PATCHES=( # bug #830208 "${FILESDIR}"/${P}-api-change-krb5.patch + # bug #673066 + "${FILESDIR}"/${P}-krb5pwd-double-free.patch ) # Work around Bug #616612 @@ -55,7 +57,8 @@ src_compile() { src_install() { apache-module_src_install - dotmpfiles "${FILESDIR}/${PN}.conf" + + dotmpfiles "${FILESDIR}"/${PN}.conf } pkg_postinst() { |