Module Name:    src
Committed By:   martin
Date:           Wed Jul 12 15:38:06 UTC 2017

Modified Files:
        src/doc [netbsd-7-0]: CHANGES-7.0.3

Log Message:
Ticket #1453

To generate a diff of this commit:
cvs rdiff -u -r1.1.2.47 -r1.1.2.48 src/doc/CHANGES-7.0.3

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files: Index: src/doc/CHANGES-7.0.3 diff -u src/doc/CHANGES-7.0.3:1.1.2.47 src/doc/CHANGES-7.0.3:1.1.2.48 --- src/doc/CHANGES-7.0.3:1.1.2.47 Mon Jul 10 13:16:27 2017 +++ src/doc/CHANGES-7.0.3 Wed Jul 12 15:38:06 2017 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-7.0.3,v 1.1.2.47 2017/07/10 13:16:27 martin Exp $ +# $NetBSD: CHANGES-7.0.3,v 1.1.2.48 2017/07/12 15:38:06 martin Exp $ A complete list of changes from the NetBSD 7.0.2 release to the NetBSD 7.0.3 release: @@ -2993,3 +2993,14 @@ sys/kern/vfs_lookup.c 1.208 in -r1.200. [dh, ticket #1451] +crypto/external/bsd/heimdal/dist/lib/krb5/ticket.c 1.3-1.4 + + In _krb5_extract_ticket() the KDC-REP service name must be + obtained from encrypted version stored in 'enc_part' instead + of the unencrypted version stored in 'ticket'. + Use of the unecrypted version provides an opportunity for + successful server impersonation and other attacks. + + Identified by Jeffrey Altman, Viktor Duchovni and Nico Williams. + [christos, ticket #1453] +
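
Review bot: "unecrypted" is misspelled in the added CHANGES entry for ticket.c (second hunk, the line "Use of the unecrypted version provides an opportunity for"); it should read "unencrypted", matching the spelling two lines earlier in the same entry. In the same entry, "obtained from encrypted version stored in 'enc_part'" is missing an article and reads better as "obtained from the encrypted version stored in 'enc_part'". The entry describes a server-impersonation issue in _krb5_extract_ticket() but gives readers of the release notes nothing to correlate it with beyond ticket #1453 and the file revisions 1.3-1.4; if an advisory identifier exists for this fix, citing it here would let administrators match the entry against their vulnerability tracking.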