---
- branch: netbsd-7
date: Wed Jul 12 15:34:37 UTC 2017
files:
- new: 1.1.1.2.2.1
old: 1.1.1.2
path: src/crypto/external/bsd/heimdal/dist/lib/krb5/ticket.c
pathrev: src/crypto/external/bsd/heimdal/dist/lib/krb5/ticket.c@1.1.1.2.2.1
type: modified
id: 20170712T153437Z.ebc7b0f0036b87f45c875655bd3360d1cce292fc
log: "Pull up following revision(s) (requested by christos in ticket #1453):\n\tcrypto/external/bsd/heimdal/dist/lib/krb5/ticket.c:
revision 1.3\n\tcrypto/external/bsd/heimdal/dist/lib/krb5/ticket.c: revision 1.4\nhttps://orpheus-lyre.info/design/index.html\nhttps://github.com/heimdal/heimdal/commit/6dd3eb836bbb80a00ffced4ad57077a1cdf227ea\nIn
_krb5_extract_ticket() the KDC-REP service name must be obtained from\nencrypted
version stored in 'enc_part' instead of the unencrypted version\nstored in 'ticket'.
\ Use of the unecrypted version provides an\nopportunity for successful server
impersonation and other attacks.\nIdentified by Jeffrey Altman, Viktor Duchovni
and Nico Williams.\nXXX: pullup 6, 7, 8.\nfix typo.\n"
module: src
subject: 'CVS commit: [netbsd-7] src/crypto/external/bsd/heimdal/dist/lib/krb5'
unixtime: '1499873677'
user: martin