244075 – Memory leaks in digest-md5 plugin

Bug 244075 - Memory leaks in digest-md5 plugin

Summary: Memory leaks in digest-md5 plugin

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 4
Classification:	Red Hat
Component:	cyrus-sasl
Sub Component:
Version:	4.5
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Target Release:	---
Assignee:	Steve Conklin
QA Contact:	Brian Brock
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	240316
TreeView+	depends on / blocked

Reported:	2007-06-13 16:56 UTC by Nathan Kinder
Modified:	2007-11-17 01:14 UTC (History)
CC List:	3 users (show)
Fixed In Version:	RHSA-2007-0795
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-09-04 14:49:42 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2007:0795	0	normal	SHIPPED_LIVE	Moderate: cyrus-sasl security and bug fix update	2008-01-09 16:13:57 UTC

Description Nathan Kinder 2007-06-13 16:56:30 UTC

There are some memory leaks in the Cyrus-SASL digest-md5 plugin that would be
nice to have fixed in RHEL 4.6.  These leaks cause problems for server software
that accepts digest-md5 SASL for authentication.  Here are details on the leaks
I'd like addressed:

- Cipher context is leaked (cvs diff -r1.185 -r1.186 digestmd5.c)
- Response value and realm are leaked in reauth situations (cvs diff -r1.184
-r1.1.85 digestmd5.c)

Comment 7 Red Hat Bugzilla 2007-09-04 14:49:42 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2007-0795.html

Note You need to log in before you can comment on or make changes to this bug.