krb5: fix CVE-2024-26458 and CVE-2024-26461

CVE-2024-26458: Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. CVE-2024-26461: Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. References: https://nvd.nist.gov/vuln/detail/CVE-2024-26458 https://nvd.nist.gov/vuln/detail/CVE-2024-26461 Upstream Patch: https://github.com/krb5/krb5/commit/c5f9c816107f70139de11b38aa02db2f1774ee0d Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
author: Yogita Urade <yogita.urade@windriver.com> 2024-08-23 06:46:03 +0000
committer: Khem Raj <raj.khem@gmail.com> 2024-08-23 22:35:10 -0700
commit: 2cfb80b24ce790d4d13c315207d28df0afe4d90c (patch)
tree: 88a4dff83ed71142b6bf9355fda4feb2e142cc1c /meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb
parent: 8c43e7a2997696179c562fe0d0be2aa076df8916 (diff)
download: meta-openembedded-2cfb80b24ce790d4d13c315207d28df0afe4d90c.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb b/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb
index c482472ff..748918132 100644
--- a/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb
+++ b/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb
@@ -28,6 +28,7 @@ SRC_URI = "http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}.tar.gz \
           file://etc/default/krb5-admin-server \
           file://krb5-kdc.service \
           file://krb5-admin-server.service \
+           file://CVE-2024-26458_CVE-2024-26461.patch;striplevel=2 \
 "
 SRC_URI[sha256sum] = "b7a4cd5ead67fb08b980b21abd150ff7217e85ea320c9ed0c6dadd304840ad35"
author	Yogita Urade <yogita.urade@windriver.com>	2024-08-23 06:46:03 +0000
committer	Khem Raj <raj.khem@gmail.com>	2024-08-23 22:35:10 -0700
commit	2cfb80b24ce790d4d13c315207d28df0afe4d90c (patch)
tree	88a4dff83ed71142b6bf9355fda4feb2e142cc1c /meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb
parent	8c43e7a2997696179c562fe0d0be2aa076df8916 (diff)
download	meta-openembedded-2cfb80b24ce790d4d13c315207d28df0afe4d90c.tar.gz

diff --git a/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb b/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb index c482472ff..748918132 100644 --- a/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb +++ b/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb
@@ -28,6 +28,7 @@ SRC_URI = "http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}.tar.gz \
28	file://etc/default/krb5-admin-server \	28	file://etc/default/krb5-admin-server \
29	file://krb5-kdc.service \	29	file://krb5-kdc.service \
30	file://krb5-admin-server.service \	30	file://krb5-admin-server.service \
		31	file://CVE-2024-26458_CVE-2024-26461.patch;striplevel=2 \
31	"	32	"
32		33
33	SRC_URI[sha256sum] = "b7a4cd5ead67fb08b980b21abd150ff7217e85ea320c9ed0c6dadd304840ad35"	34	SRC_URI[sha256sum] = "b7a4cd5ead67fb08b980b21abd150ff7217e85ea320c9ed0c6dadd304840ad35"