Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
This brings the fix for a use after free crash to buster.
Since there were no other changes between buster and bullseye,
I elected to just add a "backport to buster" changelog.
--
bye,
pabs
https://wiki.debian.org/PaulWise
diff -u libapache-mod-auth-kerb-5.4/debian/changelog libapache-mod-auth-kerb-5.4/debian/changelog
--- libapache-mod-auth-kerb-5.4/debian/changelog
+++ libapache-mod-auth-kerb-5.4/debian/changelog
@@ -1,3 +1,16 @@
+libapache-mod-auth-kerb (5.4-2.4~deb10u1) buster; urgency=medium
+
+ * Rebuild for buster
+
+ -- Paul Wise Sun, 27 Oct 2019 13:58:04 +0800
+
+libapache-mod-auth-kerb (5.4-2.4) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Apply patch from upstream issue tracker to fix crash (Closes: #934043)
+
+ -- Paul Wise Mon, 21 Oct 2019 11:15:20 +0800
+
libapache-mod-auth-kerb (5.4-2.3) unstable; urgency=medium
* Don't apply the delegation patch, it can break gssapi auth. (Closes:
diff -u libapache-mod-auth-kerb-5.4/debian/patches/series libapache-mod-auth-kerb-5.4/debian/patches/series
--- libapache-mod-auth-kerb-5.4/debian/patches/series
+++ libapache-mod-auth-kerb-5.4/debian/patches/series
@@ -10,0 +11 @@
+mod_auth_kerb-krb5_kt_close.patch
only in patch2:
unchanged:
--- libapache-mod-auth-kerb-5.4.orig/debian/patches/mod_auth_kerb-krb5_kt_close.patch
+++ libapache-mod-auth-kerb-5.4/debian/patches/mod_auth_kerb-krb5_kt_close.patch
@@ -0,0 +1,20 @@
+Description: fix use after free in authenticate_user_krb5pwd()
+Origin: https://sourceforge.net/p/modauthkerb/bugs/61/attachment/mod_auth_kerb-krb5_kt_close.patch
+Bug: https://sourceforge.net/p/modauthkerb/bugs/61/
+Bug-Debian: https://bugs.debian.org/934043
+Author: Johan Ymerson (https://sourceforge.net/u/ymerson/)
+diff -ruN mod_auth_kerb-5.4.orig/src/mod_auth_kerb.c mod_auth_kerb-5.4/src/mod_auth_kerb.c
+--- mod_auth_kerb-5.4.orig/src/mod_auth_kerb.c 2018-12-12 16:59:43.762013269 +0100
mod_auth_kerb-5.4/src/mod_auth_kerb.c 2018-12-12 16:59:59.151945123 +0100
+@@ -799,11 +799,9 @@
+ "failed to verify krb5 credentials: %s",
+ krb5_get_err_text(context, ret));
+ krb5_kt_end_seq_get(context, keytab, &cursor);
+- krb5_kt_close(context, keytab);
+ goto end;
+}
+krb5_kt_end_seq_get(context, keytab, &cursor);
+- krb5_kt_close(context, keytab);
+ }
+ else {
+if ((ret = verify_krb5_init_creds(r, context, &creds, server, keytab))) {
signature.asc
Description: This is a digitally signed message part