home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Black Crawling Systems Archive Release 1.0
/
Black Crawling Systems Archive Release 1.0 (L0pht Heavy Industries, Inc.)(1997).ISO
/
advisories
/
CNS96Q1
< prev
next >
Wrap
Text File
|
1997-07-17
|
1KB
|
33 lines
===================================================================
RCS file: kerberos/src/server/ChangeLog,v
retrieving revision 1.21
diff -u -r1.21 ChangeLog
--- ChangeLog 1996/02/11 01:05:41 1.21
+++ ChangeLog 1996/11/25 22:07:41
@@ -1,3 +1,9 @@
+Mon Nov 25 17:05:32 1996 Mark Eichin <eichin@cygnus.com>
+
+ * kerberos.c (kerberos): clear req_name_ptr, req_inst_ptr,
+ req_realm_ptr, req_time_ws to avoid leaking data through
+ kerb_err_reply.
+
Sat Feb 10 20:03:19 1996 Mark Eichin <eichin@cygnus.com>
* kerberos.c (main): initialize des-based random key generator
===================================================================
RCS file: kerberos/src/server/kerberos.c,v
retrieving revision 1.40
diff -u -r1.40 kerberos.c
--- kerberos.c 1996/02/11 01:05:42 1.40
+++ kerberos.c 1996/11/25 22:07:41
@@ -386,6 +386,9 @@
unsigned char *ptr; /* must be unsigned for timestamp fetch */
+ /* clear per-packet statics */
+ req_name_ptr = req_inst_ptr = req_realm_ptr = "";
+ req_time_ws = 0;
ciph->length = 0;