diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 18:37:15 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 18:37:15 +0000 |
| commit | 55ad72d44a94298a96b8f05488ca5ed97ef04736 (patch) | |
| tree | 8aaa712c1d8b8d191b77a7eef4dc42c770e3b3d0 /debian/patches/0027-CVE-2020-8625.patch | |
| parent | Adding upstream version 1:9.11.5.P4+dfsg. (diff) | |
| download | bind9-55ad72d44a94298a96b8f05488ca5ed97ef04736.tar.xz bind9-55ad72d44a94298a96b8f05488ca5ed97ef04736.zip | |
Adding debian version 1:9.11.5.P4+dfsg-5.1+deb10u7.debian/1%9.11.5.P4+dfsg-5.1+deb10u7debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/0027-CVE-2020-8625.patch')
| -rw-r--r-- | debian/patches/0027-CVE-2020-8625.patch | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/debian/patches/0027-CVE-2020-8625.patch b/debian/patches/0027-CVE-2020-8625.patch new file mode 100644 index 0000000..1e036c8 --- /dev/null +++ b/debian/patches/0027-CVE-2020-8625.patch @@ -0,0 +1,25 @@ +From: Debian DNS Team <team+dns@tracker.debian.org> +Date: Thu, 29 Apr 2021 13:06:03 +0200 +Subject: Buffer overflow in GSSAPI security policy negotiation + (CVE-2020-8625) + +Origin: vendor +Forwarded: not-needed +Last-Update: 2021-02-09 +--- + lib/dns/spnego.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c +index ad77f24..28ead69 100644 +--- a/lib/dns/spnego.c ++++ b/lib/dns/spnego.c +@@ -877,7 +877,7 @@ der_get_oid(const unsigned char *p, size_t len, oid *data, size_t *size) { + return (ASN1_OVERRUN); + } + +- data->components = malloc(len * sizeof(*data->components)); ++ data->components = malloc((len + 1) * sizeof(*data->components)); + if (data->components == NULL) { + return (ENOMEM); + } |