On Sun, Apr 24, 2005 at 03:48:23PM +0200, Moritz Muehlenhoff wrote: > CAN-2005-0469 describes a buffer overflow in the slc_add_reply() > function. It has already been fixed in krb5, but is present in > krb4 as well. I'm not familiar with the krn4 code base, but the > fix from krb5 seems applicable as well. It's attached, but please > double check with Security Team, who might have a better fix.
Is there a specific reason you didn't also include the patch for CAN-2005-0468? AFAICT it seems to apply as well. Gruesse, -- Frank Lichtenheld <[EMAIL PROTECTED]> www: http://www.djpig.de/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]