diff options
| author | Yi Zhao <yi.zhao@windriver.com> | 2021-09-06 14:32:53 +0800 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2021-09-07 08:09:37 -0700 |
| commit | 523f6d834d2fddb0ecc73c6d7d8b1845f65f5279 (patch) | |
| tree | b81e07df6ec8ee0fe585768b9c2123d81525a671 /meta-python/recipes-devtools/python/python3-sqlparse/0001-sqlparse-change-shebang-to-python3.patch | |
| parent | 08ff683e00d0920c58c2ec99404d96f3af18e5e8 (diff) | |
| download | meta-openembedded-523f6d834d2fddb0ecc73c6d7d8b1845f65f5279.tar.gz | |
krb5: fix CVE-2021-36222
CVE-2021-36222:
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC)
in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2
allows remote attackers to cause a NULL pointer dereference and daemon
crash. This occurs because a return value is not properly managed in a
certain situation.
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
Patches from:
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 620badcbf8a59fbd2cdda6ab01c4ffba1c3ee327)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python3-sqlparse/0001-sqlparse-change-shebang-to-python3.patch')
0 files changed, 0 insertions, 0 deletions