130732 – CAN-2004-0642+ krb5: double-free and ASN.1 decoding bugs

Bug 130732 - CAN-2004-0642+ krb5: double-free and ASN.1 decoding bugs

Summary: CAN-2004-0642+ krb5: double-free and ASN.1 decoding bugs

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	krb5
Sub Component:
Version:	2
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nalin Dahyabhai
QA Contact:	Brian Brock
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2004-08-24 00:35 UTC by Nalin Dahyabhai
Modified:	2007-11-30 22:10 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2004-08-31 18:38:02 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Nalin Dahyabhai 2004-08-24 00:35:57 UTC

Remotely-triggerable double-free bugs have been found in the Kerberos
5 KDC, krb524 daemon, and libraries (CAN-2004-0642, CAN-2004-0643,
CAN-2004-0772).  A remotely-triggerable infinite loop has been found
in the Kerberos 5 ASN.1 decoding library (CAN-2004-0644).

Of these, the bugs denoted by CAN-2004-0642, CAN-2004-0644, and
CAN-2004-0772 affect Fedora Core 1 and 2.

Comment 1 Mark J. Cox 2004-08-31 17:38:10 UTC

Embargo lifted today at 1300EDT

Comment 2 Nalin Dahyabhai 2004-08-31 18:38:02 UTC

Updates pushed and announced for Fedora Core 1 and Fedora Core 2.

Note You need to log in before you can comment on or make changes to this bug.