GNU bug report logs

#27749 gnu: heimdal: Update to 7.4.0.

PackageSource(s)Maintainer(s)
guix-patches PTS Buildd Popcon
Full log

Message #20 received at 27749@debbugs.gnu.org (full text, mbox, reply):

Received: (at 27749) by debbugs.gnu.org; 19 Jul 2017 11:05:12 +0000
From debbugs-submit-bounces@debbugs.gnu.org Wed Jul 19 07:05:12 2017
Received: from localhost ([127.0.0.1]:47222 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1dXmn1-0003lp-Te
	for submit@debbugs.gnu.org; Wed, 19 Jul 2017 07:05:12 -0400
Received: from mail-pf0-f179.google.com ([209.85.192.179]:33780)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <alexvong1995@gmail.com>) id 1dXmmz-0003lb-Q2
 for 27749@debbugs.gnu.org; Wed, 19 Jul 2017 07:05:10 -0400
Received: by mail-pf0-f179.google.com with SMTP id s70so16636147pfs.0
 for <27749@debbugs.gnu.org>; Wed, 19 Jul 2017 04:05:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=from:to:cc:subject:references:date:in-reply-to:message-id
 :user-agent:mime-version;
 bh=E9steNeaHRpEiM1JGjDlwFZlv2M56hPxB3+Zb8UsPRM=;
 b=Wo2ax1OalxMnBURjMkSFqFuSJ3cI3qed6a67UqvIaSITqzw2xRX7fhYROe7KBPafAU
 9M6VS/BhuPyZzqEeMJPO0wl/DwwIrGd6iIsQzHtZwgBT3d8OWdriOVQzJ1SYpsi0qVWT
 4qIYndaj/XYJ3k2Og24LZJq3Q3p2MMNTv4tzMXua3tt5MfOlWJCteK5782XygBmRzkK+
 h3GgfCZJs04mXMiL6MqXCUccttC4NwI4j9M18bdKKxeDtWEZ38Kry/4pJ/wtinJ+IpI5
 m8PLuVSmizIEOVZ4mrqOnuUmVR05zJg26pS6wsH2ouUP9I2hnytyTrycZEnc0iIZTZs+
 k4aQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to
 :message-id:user-agent:mime-version;
 bh=E9steNeaHRpEiM1JGjDlwFZlv2M56hPxB3+Zb8UsPRM=;
 b=g3VIR+6CBi61z1laRsJ+JkyFR0z8rKgzbHSjdNpJwzskGMgSmr7MqsSppW3Ti0Lvo7
 aYoSLjoRuiRH0GZ3AwUnT85150DubX5Z5gjGgBzEmCkw7CBoUxafr+7RPITN4qnJ16xO
 8zNS7fcARDf4l+gk3eaaQJqp5p2w8tgwDnBhoRGSwv8VzeY3n9orBDCQnIK44o7Y/dNc
 q/WcmXr5T7qc5d4hS9k6Pr8aUnJRUnh2o5L7W7t+uTFNW7cSPRZIuKiZtOYqABwqMkSq
 9sU8lKTeI+feVMxng0biGM1FdkHMYFFVDxmQA8gbeObgEK03q+f5zyQL2m/PAy4eCxhS
 DoyA==
X-Gm-Message-State: AIVw110YaEzSQK+3/rPb39rtiEMKCtMOfmfYhzhFegVHzCI2a3PyYdBQ
 UAy0sFvVtiFNSg==
X-Received: by 10.98.68.76 with SMTP id r73mr2429742pfa.152.1500462303822;
 Wed, 19 Jul 2017 04:05:03 -0700 (PDT)
Received: from debian (n058152179198.netvigator.com. [58.152.179.198])
 by smtp.gmail.com with ESMTPSA id c7sm56459pfa.174.2017.07.19.04.05.01
 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
 Wed, 19 Jul 2017 04:05:02 -0700 (PDT)
From: Alex Vong <alexvong1995@gmail.com>
To: Leo Famulari <leo@famulari.name>
Subject: Re: [bug#27749] [PATCH] gnu: heimdal: Update to 7.4.0 [fixes
 CVE-2017-11103].
References: <87wp76kv68.fsf@gmail.com> <20170718154906.GB16798@jasmine.lan>
 <87bmogzspe.fsf@gmail.com>
Date: Wed, 19 Jul 2017 19:04:53 +0800
In-Reply-To: <87bmogzspe.fsf@gmail.com> (Alex Vong's message of "Wed, 19 Jul
 2017 17:22:53 +0800")
Message-ID: <877ez4znze.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="==-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: -2.5 (--)
X-Debbugs-Envelope-To: 27749
Cc: 27749@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -2.5 (--)

[Message part 1 (text/plain, inline)]
I find out that our version of heimdal is also affected by
CVE-2017-6594. So I amend the previous patch to fix it as well.

Changes to 'NEWS' and files in 'tests/' does not apply, so I remove
them. Also, I change hunk#4 of 'kdc/krb5tgs.c' so that it applies.

It used to be:

foo
foo*
+bar
+bar*
baz
baz*

Now it is:

foo
foo*
+bar
+bar*
<empty-line>

Here is the updated patch:

[0001-gnu-heimdal-Fix-CVE-2017-6594-11103.patch (scm, attachment)]
[Message part 3 (text/plain, inline)]
Cheers,
Alex

[signature.asc (application/pgp-signature, inline)]

Send a report that this bug log contains spam.

debbugs.gnu.org maintainers <help-debbugs@gnu.org>. Last modified: Sat Dec 21 16:59:35 2024; Machine Name: wallace-server

GNU bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.