commit | 9b92253b7aa80e534cc8197b3a56978e4f45164c | [log] [tgz] |
---|---|---|
author | Peter Korsgaard <peter@korsgaard.com> | Sun Nov 22 00:21:49 2020 +0100 |
committer | Peter Korsgaard <peter@korsgaard.com> | Sun Nov 22 15:32:57 2020 +0100 |
tree | 6ddaaa035b1dccae66a216458f2134ecce9ae7f4 | |
parent | 74cce093b047860e5fde45676fcdeabc6f2d0fef [diff] |
package/libkrb5: security bump to version 1.18.3 Fixes the following security issues: - CVE-2020-28196: MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. Also fix .hash file indentation. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>