The NetBSD Project

CVS log for src/crypto/external/bsd/heimdal/dist/lib/krb5/krb524_convert_creds_kdc.3

[BACK] Up to [cvs.NetBSD.org] / src / crypto / external / bsd / heimdal / dist / lib / krb5

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.5 / (download) - annotate - [select for diffs], Mon Jun 19 21:41:44 2023 UTC (8 months, 2 weeks ago) by christos
Branch: MAIN
CVS Tags: triaxx-drm, HEAD
Changes since 1.4: +0 -0 lines
Diff to previous 1.4 (colored)

Merge differences between 7.7.0 and 7.8.0

Revision 1.1.1.5 / (download) - annotate - [select for diffs] (vendor branch), Mon Jun 19 21:37:18 2023 UTC (8 months, 2 weeks ago) by christos
Branch: HEIMDAL
CVS Tags: heimdal-7-8-0
Changes since 1.1.1.4: +1 -1 lines
Diff to previous 1.1.1.4 (colored)

Import heimdal-7.8.0 (previous was 7.7.0)

This release includes both the Heimdal 7.7.1 Security Vulnerability
fixes and non-Security bug fixes/improvements.

Security Vulnerabilities:
- CVE-2022-42898 PAC parse integer overflows
- CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
- CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array
- CVE-2021-44758 A null pointer de-reference DoS in SPNEGO acceptors
- CVE-2021-3671 A null pointer de-reference when handling missing sname
  in TGS-REQ
- CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec
  Note that CVE-2022-44640 is a severe vulnerability, possibly a 10.0
  on the Common Vulnerability Scoring System (CVSS) v3, as we believe
  it should be possible to get an RCE on a KDC, which means that
  credentials can be compromised that can be used to impersonate
  anyone in a realm or forest of realms.

  Heimdal's ASN.1 compiler generates code that allows specially
  crafted DER encodings of CHOICEs to invoke the wrong free function
  on the decoded structure upon decode error. This is known to impact
  the Heimdal KDC, leading to an invalid free() of an address partly
  or wholly under the control of the attacker, in turn leading to a
  potential remote code execution (RCE) vulnerability.

  This error affects the DER codec for all extensible CHOICE types
  used in Heimdal, though not all cases will be exploitable. We have
  not completed a thorough analysis of all the Heimdal components
  affected, thus the Kerberos client, the X.509 library, and other
  parts, may be affected as well.

  This bug has been in Heimdal's ASN.1 compiler since 2005, but it may
  only affect Heimdal 1.6 and up. It was first reported by Douglas
  Bagnall, though it had been found independently by the Heimdal
  maintainers via fuzzing a few weeks earlier.

  While no zero-day exploit is known, such an exploit will likely be
  available soon after public disclosure.
- CVE-2019-14870: Validate client attributes in protocol-transition
- CVE-2019-14870: Apply forwardable policy in protocol-transition
- CVE-2019-14870: Always lookup impersonate client in DB

Other changes:
- Bugs found by UBSAN (including the incorrect encoding of unconstrained
  INTEGER value -1).
- Errors found by the LLVM scan-build static analyzer.
- Errors found by the valgrind memory debugger.
- Work around GCC Bug 95189 (memcmp wrongly stripped like strcmp).
- Correct ASN.1 OID typo for SHA-384
- Fix a deadlock in in the MEMORY ccache type.
- TGS: strip forwardable and proxiable flags if the server is
  disallowed.
- CVE-2019-14870: Validate client attributes in protocol-transition
- CVE-2019-14870: Apply forwardable policy in protocol-transition
- CVE-2019-14870: Always lookup impersonate client in DB
- Incremental HDB propagation improvements
  Refactor send_diffs making it progressive
  Handle partial writes on non-blocking sockets
  Disable Nagle in iprop master and slave
  Use async I/O
  Don't send I_HAVE in response to AYT
  Do not recover log in kadm5_get_principal()
  Don't send diffs to slaves with not yet known version
  Don't stutter in send_diffs
- Optional backwards-compatible anon-pkinit behavior

Revision 1.1.1.4 / (download) - annotate - [select for diffs] (vendor branch), Mon Jun 19 21:33:19 2023 UTC (8 months, 2 weeks ago) by christos
Branch: HEIMDAL
Changes since 1.1.1.3: +1 -1 lines
Diff to previous 1.1.1.3 (colored)

Import heimdal-7.8.0 (previous was 7.7.0)

This release includes both the Heimdal 7.7.1 Security Vulnerability
fixes and non-Security bug fixes/improvements.

Security Vulnerabilities:
- CVE-2022-42898 PAC parse integer overflows
- CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
- CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array
- CVE-2021-44758 A null pointer de-reference DoS in SPNEGO acceptors
- CVE-2021-3671 A null pointer de-reference when handling missing sname
  in TGS-REQ
- CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec
  Note that CVE-2022-44640 is a severe vulnerability, possibly a 10.0
  on the Common Vulnerability Scoring System (CVSS) v3, as we believe
  it should be possible to get an RCE on a KDC, which means that
  credentials can be compromised that can be used to impersonate
  anyone in a realm or forest of realms.

  Heimdal's ASN.1 compiler generates code that allows specially
  crafted DER encodings of CHOICEs to invoke the wrong free function
  on the decoded structure upon decode error. This is known to impact
  the Heimdal KDC, leading to an invalid free() of an address partly
  or wholly under the control of the attacker, in turn leading to a
  potential remote code execution (RCE) vulnerability.

  This error affects the DER codec for all extensible CHOICE types
  used in Heimdal, though not all cases will be exploitable. We have
  not completed a thorough analysis of all the Heimdal components
  affected, thus the Kerberos client, the X.509 library, and other
  parts, may be affected as well.

  This bug has been in Heimdal's ASN.1 compiler since 2005, but it may
  only affect Heimdal 1.6 and up. It was first reported by Douglas
  Bagnall, though it had been found independently by the Heimdal
  maintainers via fuzzing a few weeks earlier.

  While no zero-day exploit is known, such an exploit will likely be
  available soon after public disclosure.
- CVE-2019-14870: Validate client attributes in protocol-transition
- CVE-2019-14870: Apply forwardable policy in protocol-transition
- CVE-2019-14870: Always lookup impersonate client in DB

Other changes:
- Bugs found by UBSAN (including the incorrect encoding of unconstrained
  INTEGER value -1).
- Errors found by the LLVM scan-build static analyzer.
- Errors found by the valgrind memory debugger.
- Work around GCC Bug 95189 (memcmp wrongly stripped like strcmp).
- Correct ASN.1 OID typo for SHA-384
- Fix a deadlock in in the MEMORY ccache type.
- TGS: strip forwardable and proxiable flags if the server is
  disallowed.
- CVE-2019-14870: Validate client attributes in protocol-transition
- CVE-2019-14870: Apply forwardable policy in protocol-transition
- CVE-2019-14870: Always lookup impersonate client in DB
- Incremental HDB propagation improvements
  Refactor send_diffs making it progressive
  Handle partial writes on non-blocking sockets
  Disable Nagle in iprop master and slave
  Use async I/O
  Don't send I_HAVE in response to AYT
  Do not recover log in kadm5_get_principal()
  Don't send diffs to slaves with not yet known version
  Don't stutter in send_diffs
- Optional backwards-compatible anon-pkinit behavior

Revision 1.4.12.1, Tue Apr 21 18:41:50 2020 UTC (3 years, 10 months ago) by martin
Branch: phil-wifi
Changes since 1.4: +1 -1 lines
FILE REMOVED

Sync with HEAD

Revision 1.3.10.1 / (download) - annotate - [select for diffs], Fri Apr 21 16:50:49 2017 UTC (6 years, 10 months ago) by bouyer
Branch: bouyer-socketcan
Changes since 1.3: +1 -1 lines
Diff to previous 1.3 (colored) next main 1.4 (colored)

Sync with HEAD

Revision 1.3.6.1 / (download) - annotate - [select for diffs], Mon Mar 20 06:51:46 2017 UTC (6 years, 11 months ago) by pgoyette
Branch: pgoyette-localcount
Changes since 1.3: +1 -1 lines
Diff to previous 1.3 (colored) next main 1.4 (colored)

Sync with HEAD

Revision 1.4 / (download) - annotate - [select for diffs], Sat Jan 28 21:31:49 2017 UTC (7 years, 1 month ago) by christos
Branch: MAIN
CVS Tags: prg-localcount2-base3, prg-localcount2-base2, prg-localcount2-base1, prg-localcount2-base, prg-localcount2, phil-wifi-base, phil-wifi-20200421, phil-wifi-20200411, phil-wifi-20200406, phil-wifi-20191119, phil-wifi-20190609, pgoyette-localcount-20170426, pgoyette-localcount-20170320, pgoyette-compat-merge-20190127, pgoyette-compat-base, pgoyette-compat-20190127, pgoyette-compat-20190118, pgoyette-compat-1226, pgoyette-compat-1126, pgoyette-compat-1020, pgoyette-compat-0930, pgoyette-compat-0906, pgoyette-compat-0728, pgoyette-compat-0625, pgoyette-compat-0521, pgoyette-compat-0502, pgoyette-compat-0422, pgoyette-compat-0415, pgoyette-compat-0407, pgoyette-compat-0330, pgoyette-compat-0322, pgoyette-compat-0315, pgoyette-compat, perseant-stdc-iso10646-base, perseant-stdc-iso10646, netbsd-9-base, netbsd-9-3-RELEASE, netbsd-9-2-RELEASE, netbsd-9-1-RELEASE, netbsd-9-0-RELEASE, netbsd-9-0-RC2, netbsd-9-0-RC1, netbsd-9, netbsd-8-base, netbsd-8-2-RELEASE, netbsd-8-1-RELEASE, netbsd-8-1-RC1, netbsd-8-0-RELEASE, netbsd-8-0-RC2, netbsd-8-0-RC1, netbsd-8, netbsd-10-base, netbsd-10-0-RC5, netbsd-10-0-RC4, netbsd-10-0-RC3, netbsd-10-0-RC2, netbsd-10-0-RC1, netbsd-10, matt-nb8-mediatek-base, matt-nb8-mediatek, is-mlppp-base, is-mlppp, cjep_sun2x-base1, cjep_sun2x-base, cjep_sun2x, cjep_staticlib_x-base1, cjep_staticlib_x-base, cjep_staticlib_x, bouyer-socketcan-base1
Branch point for: phil-wifi
Changes since 1.3: +0 -0 lines
Diff to previous 1.3 (colored)

merge conflicts, adjust the build.

Revision 1.2.22.1 / (download) - annotate - [select for diffs], Sun Aug 10 06:47:30 2014 UTC (9 years, 6 months ago) by tls
Branch: tls-earlyentropy
Changes since 1.2: +1 -1 lines
Diff to previous 1.2 (colored) next main 1.3 (colored)

Rebase.

Revision 1.3 / (download) - annotate - [select for diffs], Thu Apr 24 13:45:34 2014 UTC (9 years, 10 months ago) by pettai
Branch: MAIN
CVS Tags: yamt-pagecache-base9, tls-maxphys-base, tls-earlyentropy-base, pgoyette-localcount-base, pgoyette-localcount-20170107, pgoyette-localcount-20161104, pgoyette-localcount-20160806, pgoyette-localcount-20160726, netbsd-7-nhusb-base-20170116, netbsd-7-nhusb-base, netbsd-7-nhusb, netbsd-7-base, netbsd-7-2-RELEASE, netbsd-7-1-RELEASE, netbsd-7-1-RC2, netbsd-7-1-RC1, netbsd-7-1-2-RELEASE, netbsd-7-1-1-RELEASE, netbsd-7-1, netbsd-7-0-RELEASE, netbsd-7-0-RC3, netbsd-7-0-RC2, netbsd-7-0-RC1, netbsd-7-0-2-RELEASE, netbsd-7-0-1-RELEASE, netbsd-7-0, netbsd-7, localcount-20160914, bouyer-socketcan-base
Branch point for: pgoyette-localcount, bouyer-socketcan
Changes since 1.2: +1 -1 lines
Diff to previous 1.2 (colored)

Import latest heimdal-1-5-branch, merge conflicts

Ok'ed and reviewed by elric@

Revision 1.1.1.3 / (download) - annotate - [select for diffs] (vendor branch), Thu Apr 24 12:45:50 2014 UTC (9 years, 10 months ago) by pettai
Branch: HEIMDAL
CVS Tags: heimdal-7-7-0, head-20170128, h5l-1-5-branch-20140422
Changes since 1.1.1.2: +1 -1 lines
Diff to previous 1.1.1.2 (colored)

Import latest heimdal-1-5-branch from git

Ok'ed + reviewed by elric@

Revision 1.2 / (download) - annotate - [select for diffs], Thu Apr 28 14:38:49 2011 UTC (12 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: yamt-pagecache-tag8, yamt-pagecache-base8, yamt-pagecache-base7, yamt-pagecache-base6, yamt-pagecache-base5, yamt-pagecache-base4, yamt-pagecache-base3, yamt-pagecache-base2, yamt-pagecache-base, yamt-pagecache, tls-maxphys, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3, riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2, netbsd-6-base, netbsd-6-1-RELEASE, netbsd-6-1-RC4, netbsd-6-1-RC3, netbsd-6-1-RC2, netbsd-6-1-RC1, netbsd-6-1-5-RELEASE, netbsd-6-1-4-RELEASE, netbsd-6-1-3-RELEASE, netbsd-6-1-2-RELEASE, netbsd-6-1-1-RELEASE, netbsd-6-1, netbsd-6-0-RELEASE, netbsd-6-0-RC2, netbsd-6-0-RC1, netbsd-6-0-6-RELEASE, netbsd-6-0-5-RELEASE, netbsd-6-0-4-RELEASE, netbsd-6-0-3-RELEASE, netbsd-6-0-2-RELEASE, netbsd-6-0-1-RELEASE, netbsd-6-0, netbsd-6, matt-nb6-plus-nbase, matt-nb6-plus-base, matt-nb6-plus, khorben-n900, cherry-xenmp-base, cherry-xenmp, agc-symver-base, agc-symver
Branch point for: tls-earlyentropy
Changes since 1.1: +3 -3 lines
Diff to previous 1.1 (colored)

Typo fix.

Revision 1.1.1.2 / (download) - annotate - [select for diffs] (vendor branch), Thu Apr 14 14:09:21 2011 UTC (12 years, 10 months ago) by elric
Branch: HEIMDAL
CVS Tags: head-20110412
Changes since 1.1.1.1: +1 -1 lines
Diff to previous 1.1.1.1 (colored)

Reimport Heimdal dist converted into NetBSD dist format.  The prior
import did not catch all of the $Id$ tags because many of them are
unexpanded and the RE was only looking for expanded keywords.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Wed Apr 13 18:15:33 2011 UTC (12 years, 10 months ago) by elric
Branch: HEIMDAL
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Import latest Heimdal from the head of their git repository into the
new location for externally maintained software.

Revision 1.1 / (download) - annotate - [select for diffs], Wed Apr 13 18:15:33 2011 UTC (12 years, 10 months ago) by elric
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>