Unblock libpam-krb5 3.11-2

To: debian-release@lists.debian.org
Subject: Unblock libpam-krb5 3.11-2
From: Russ Allbery <rra@debian.org>
Date: Thu, 14 Aug 2008 01:18:38 -0700
Message-id: <[🔎] 87ej4s80wx.fsf@windlord.stanford.edu>

I've just uploaded libpam-krb5 3.11-2, which fixes a segfault in one error
handling code path.  Here is the complete debdiff relative to 3.11-1.
Could you unblock it for lenny?

--- libpam-krb5-3.11/debian/changelog
+++ libpam-krb5-3.11/debian/changelog
@@ -1,3 +1,10 @@
+libpam-krb5 (3.11-2) unstable; urgency=low
+
+  * Fix double-free of the cache data structure if cache creation fails
+    while opening a session or setting credentials.  (LP: #257826)
+
+ -- Russ Allbery <rra@debian.org>  Wed, 13 Aug 2008 23:36:54 -0700
+
 libpam-krb5 (3.11-1) unstable; urgency=low
 
   * New upstream release.
only in patch2:
unchanged:
--- libpam-krb5-3.11.orig/api-auth.c
+++ libpam-krb5-3.11/api-auth.c
@@ -51,6 +51,7 @@
     int pamret;
     krb5_error_code status;
 
+    *cache = NULL;
     memset(&creds, 0, sizeof(creds));
     if (args == NULL || args->ctx == NULL || args->ctx->context == NULL)
         return PAM_SERVICE_ERR;
@@ -93,8 +94,10 @@
 
 done:
     krb5_cc_end_seq_get(ctx->context, ctx->cache, &cursor);
-    if (pamret != PAM_SUCCESS && *cache != NULL)
+    if (pamret != PAM_SUCCESS && *cache != NULL) {
         krb5_cc_destroy(ctx->context, *cache);
+        *cache = NULL;
+    }
     return pamret;
 }
 
-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

Follow-Ups:
- Re: Unblock libpam-krb5 3.11-2
  - From: Marc 'HE' Brockschmidt <he@ftwca.de>

Prev by Date: Freeze exception for qpsmtpd 0.40-3
Next by Date: Re: [Pkg-cups-devel] Bug#489554: cups-pdf: bashism in /bin/sh script
Previous by thread: Re: Freeze exception for qpsmtpd 0.40-3
Next by thread: Re: Unblock libpam-krb5 3.11-2
Index(es):
- Date
- Thread