diff options
author | Yi Zhao <yi.zhao@windriver.com> | 2021-09-06 14:32:53 +0800 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2021-09-07 10:03:50 -0700 |
commit | 69087d69d01a4530e2d588036fcbeaf8856b2ff1 (patch) | |
tree | 1066ace1aeb00001d1185f9ae03b728152ae9a5c /meta-multimedia/recipes-multimedia/musicbrainz | |
parent | 140b37fadff32e5a2fd8da7fb97e71473be15eb3 (diff) | |
download | meta-openembedded-contrib-69087d69d01a4530e2d588036fcbeaf8856b2ff1.tar.gz |
krb5: fix CVE-2021-36222
CVE-2021-36222:
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC)
in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2
allows remote attackers to cause a NULL pointer dereference and daemon
crash. This occurs because a return value is not properly managed in a
certain situation.
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-36222
Patches from:
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-multimedia/recipes-multimedia/musicbrainz')
0 files changed, 0 insertions, 0 deletions