freebsd-skq/crypto/heimdal
Xin LI 49426905b3 MFV r320905: Import upstream fix for CVE-2017-11103.
In _krb5_extract_ticket() the KDC-REP service name must be obtained from
encrypted version stored in 'enc_part' instead of the unencrypted version
stored in 'ticket'.  Use of the unecrypted version provides an
opportunity for successful server impersonation and other attacks.

Submitted by:	hrs
Obtained from:	Heimdal
Security:	FreeBSD-SA-17:05.heimdal
Security:	CVE-2017-11103
2017-07-12 07:19:06 +00:00
..
admin
appl
base
doc
etc
include
kadmin
kcm
kdc
kpasswd
kuser
lib MFV r320905: Import upstream fix for CVE-2017-11103. 2017-07-12 07:19:06 +00:00
tools Include the gssapi_krb5 library in KRB5_LDFLAGS. 2014-09-08 19:00:13 +00:00
acinclude.m4
aclocal.m4
autogen.sh
ChangeLog
ChangeLog.1998
ChangeLog.1999
ChangeLog.2000
ChangeLog.2001
ChangeLog.2002
ChangeLog.2003
ChangeLog.2004
ChangeLog.2005
ChangeLog.2006
compile
config.guess
config.sub
configure
FREEBSD-Xlist
install-sh
krb5.conf
LICENSE
ltmain.sh
Makefile.am
Makefile.am.common
Makefile.in
missing
NEWS
README

Heimdal is a Kerberos 5 implementation.

For information how to install see <http://www.h5l.org/compile.html>.

There are briefer man pages for most of the commands.

Bug reports and bugs are appreciated, see more under Bug reports in
the manual on how we prefer them: <heimdal-bugs@h5l.org>.

For more information see the web-page at
<http://www.h5l.org/> or the mailing lists:

heimdal-announce@sics.se	low-volume announcement
heimdal-discuss@sics.se		high-volume discussion

send a mail to heimdal-announce-request@sics.se and
heimdal-discuss-request@sics.se respectively to subscribe.