freebsd-skq/crypto/heimdal
Xin LI 49426905b3 MFV r320905: Import upstream fix for CVE-2017-11103.
In _krb5_extract_ticket() the KDC-REP service name must be obtained from
encrypted version stored in 'enc_part' instead of the unencrypted version
stored in 'ticket'.  Use of the unecrypted version provides an
opportunity for successful server impersonation and other attacks.

Submitted by:	hrs
Obtained from:	Heimdal
Security:	FreeBSD-SA-17:05.heimdal
Security:	CVE-2017-11103
2017-07-12 07:19:06 +00:00
..
admin
appl
base
doc
etc
include
kadmin
kcm
kdc
kpasswd
kuser
lib
tools
acinclude.m4
aclocal.m4
autogen.sh
ChangeLog
ChangeLog.1998
ChangeLog.1999
ChangeLog.2000
ChangeLog.2001
ChangeLog.2002
ChangeLog.2003
ChangeLog.2004
ChangeLog.2005
ChangeLog.2006
compile
config.guess
config.sub
configure
FREEBSD-Xlist
install-sh
krb5.conf
LICENSE
ltmain.sh
Makefile.am
Makefile.am.common
Makefile.in
missing
NEWS
README

Heimdal is a Kerberos 5 implementation.

For information how to install see <http://www.h5l.org/compile.html>.

There are briefer man pages for most of the commands.

Bug reports and bugs are appreciated, see more under Bug reports in
the manual on how we prefer them: <heimdal-bugs@h5l.org>.

For more information see the web-page at
<http://www.h5l.org/> or the mailing lists:

heimdal-announce@sics.se	low-volume announcement
heimdal-discuss@sics.se		high-volume discussion

send a mail to heimdal-announce-request@sics.se and
heimdal-discuss-request@sics.se respectively to subscribe.