Unblock libpam-krb5 3.11-2
I've just uploaded libpam-krb5 3.11-2, which fixes a segfault in one error
handling code path. Here is the complete debdiff relative to 3.11-1.
Could you unblock it for lenny?
--- libpam-krb5-3.11/debian/changelog
+++ libpam-krb5-3.11/debian/changelog
@@ -1,3 +1,10 @@
+libpam-krb5 (3.11-2) unstable; urgency=low
+
+ * Fix double-free of the cache data structure if cache creation fails
+ while opening a session or setting credentials. (LP: #257826)
+
+ -- Russ Allbery <rra@debian.org> Wed, 13 Aug 2008 23:36:54 -0700
+
libpam-krb5 (3.11-1) unstable; urgency=low
* New upstream release.
only in patch2:
unchanged:
--- libpam-krb5-3.11.orig/api-auth.c
+++ libpam-krb5-3.11/api-auth.c
@@ -51,6 +51,7 @@
int pamret;
krb5_error_code status;
+ *cache = NULL;
memset(&creds, 0, sizeof(creds));
if (args == NULL || args->ctx == NULL || args->ctx->context == NULL)
return PAM_SERVICE_ERR;
@@ -93,8 +94,10 @@
done:
krb5_cc_end_seq_get(ctx->context, ctx->cache, &cursor);
- if (pamret != PAM_SUCCESS && *cache != NULL)
+ if (pamret != PAM_SUCCESS && *cache != NULL) {
krb5_cc_destroy(ctx->context, *cache);
+ *cache = NULL;
+ }
return pamret;
}
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: