summaryrefslogtreecommitdiffstats
path: root/debian/patches/0027-CVE-2020-8625.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/0027-CVE-2020-8625.patch')
-rw-r--r--debian/patches/0027-CVE-2020-8625.patch25
1 files changed, 25 insertions, 0 deletions
diff --git a/debian/patches/0027-CVE-2020-8625.patch b/debian/patches/0027-CVE-2020-8625.patch
new file mode 100644
index 0000000..1e036c8
--- /dev/null
+++ b/debian/patches/0027-CVE-2020-8625.patch
@@ -0,0 +1,25 @@
+From: Debian DNS Team <team+dns@tracker.debian.org>
+Date: Thu, 29 Apr 2021 13:06:03 +0200
+Subject: Buffer overflow in GSSAPI security policy negotiation
+ (CVE-2020-8625)
+
+Origin: vendor
+Forwarded: not-needed
+Last-Update: 2021-02-09
+---
+ lib/dns/spnego.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c
+index ad77f24..28ead69 100644
+--- a/lib/dns/spnego.c
++++ b/lib/dns/spnego.c
+@@ -877,7 +877,7 @@ der_get_oid(const unsigned char *p, size_t len, oid *data, size_t *size) {
+ return (ASN1_OVERRUN);
+ }
+
+- data->components = malloc(len * sizeof(*data->components));
++ data->components = malloc((len + 1) * sizeof(*data->components));
+ if (data->components == NULL) {
+ return (ENOMEM);
+ }
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-28 19:37:34 +0000