Apply by doing:
       cd /usr/src
       patch -p0 < 033_kadmin.patch

If kadmind is running, kill it:
       kill `cat /var/run/kadmind.pid`

Rebuild and install kadmin and kadmind following these steps:
       cd kerberosIV/lib/sl
       make obj cleandir depend
       make
       cd ../../../kerberosV/lib/roken
       make obj cleandir depend
       make
       cd ../../libexec/kadmind
       make obj cleandir depend
       make && make install
       cd ../../usr.sbin/kadmin
       make obj cleandir depend
       make && make install

Restart kadmind if needed:
       /usr/libexec/kadmind &

Index: kerberosV/src/kadmin/version4.c
===================================================================
RCS file: /cvs/src/kerberosV/src/kadmin/version4.c,v
retrieving revision 1.1.1.1
retrieving revision 1.1.1.1.2.1
diff -u -r1.1.1.1 -r1.1.1.1.2.1
--- kerberosV/src/kadmin/version4.c     25 May 2001 07:49:46 -0000      1.1.1.1
+++ kerberosV/src/kadmin/version4.c     21 Oct 2002 19:51:11 -0000      1.1.1.1.2.1
@@ -822,6 +822,13 @@
    off += _krb5_get_int(msg + off, &rlen, 4);
    memset(&authent, 0, sizeof(authent));
    authent.length = message.length - rlen - KADM_VERSIZE - 4;
+
+    if(authent.length >= MAX_KTXT_LEN) {
+       krb5_warnx(context, "received bad rlen (%lu)", (unsigned long)rlen);
+       make_you_loose_packet (KADM_LENGTH_ERROR, reply);
+       return;
+    }
+
    memcpy(authent.dat, (char*)msg + off, authent.length);
    off += authent.length;

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.