[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVS: cvs.openbsd.org: src

To: source-changes_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org
Subject: CVS: cvs.openbsd.org: src
From: Hans Insulander <hin_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org>
Date: Fri, 21 Mar 2003 02:50:08 -0700 (MST)

CVSROOT:	/cvs
Module name:	src
Changes by:	hin_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org	2003/03/21 02:50:07

Modified files:
	kerberosV/src/kdc: 524.c config.c kdc.8 kdc_locl.h kerberos4.c 

Log message:
Add a new option to disable krb4 cross-realm authentication, disabled by
default. This works around a recently found vulnerability in the krb4
protocol, see

http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt

Patch created by adopting the changes in heimdal-0.5.2, with invaluable help
provided by lha_(_at_)_stacken_(_dot_)_kth_(_dot_)_se and janj_(_at_)_stacken_(_dot_)_kth_(_dot_)_se_(_dot_)_

ok beck@ miod@

Prev by Date: CVS: cvs.openbsd.org: src
Next by Date: Re: CVS: cvs.openbsd.org: src
Previous by thread: Re: CVS: cvs.openbsd.org: src
Next by thread: CVS: cvs.openbsd.org: src
Index(es):
- Date
- Thread

Visit your host, monkey.org