oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
Files
e407e0ead6f7f579b13360a3fb1a0d13ee966bae
heimdal/lib
History
Joseph Sutton e407e0ead6 gsskrb5: CVE-2022-3437 Use constant-time memcmp() in unwrap_des3() 
The surrounding checks all use ct_memcmp(), so this one was presumably
meant to as well.

Samba BUG: https://bugzilla.samba.org/show_bug.cgi?id=15134

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-11-15 17:51:45 -06:00
..
asn1
asn1: Fix UB and incorrect codec for unconstrained INTEGER values of -1
2022-11-01 16:10:57 -05:00
base
base: -Wno-string-concatenation for test_base
2022-11-01 16:10:57 -05:00
com_err
com_err: Fix bison/byacc invocation
2022-01-21 23:01:44 -06:00
gss_preauth
gss_preauth: remove dead code
2022-01-21 10:09:44 +11:00
gssapi
gsskrb5: CVE-2022-3437 Use constant-time memcmp() in unwrap_des3()
2022-11-15 17:51:45 -06:00
hcrypto
hcrypto: Remove MD2 with prejudice
2022-11-01 16:10:57 -05:00
hdb
hdb: fix ldap module build (missing 'is_file_based' and 'can_taste' initializers)
2022-09-24 19:38:16 +10:00
heimdal
lib/krb5: krb5_get_instance does not work on Windows 7
2020-05-27 23:22:40 -05:00
hx509
hx509: hx509_verify_path remove spurious fallthrough
2022-09-16 15:58:45 -04:00
ipc
ipc: mach_complete_[a]sync avoid 'ret' set but not used warning
2022-09-16 15:58:45 -04:00
kadm5
iprop: Enable secondary KDC bootstrapping w/ PKINIT
2022-10-02 22:46:37 -05:00
kafs
krb5: remove krb5-v4compat.h
2022-09-22 22:13:05 -04:00
kdfs
Minor typo/grammar fixes
2017-03-10 15:47:43 -05:00
krb5
krb5: CVE-2022-42898 PAC parse integer overflows
2022-11-15 17:51:45 -06:00
libedit
krb5: pkinit select_dh_group clarify 'bits' param is the minimum
2022-09-16 17:00:20 -04:00
ntlm
rewrite fallthrough to HEIM_FALLTHROUGH to deal with new Apple SDKs
2022-09-16 15:58:45 -04:00
otp
Use constant-time memcmp when comparing sensitive buffers
2022-04-30 13:35:52 -04:00
roken
roken: Fix UB
2022-11-01 16:10:57 -05:00
sl
sl: Fix exit(0) when incorrect usage
2022-10-11 21:05:45 -05:00
sqlite
sqlite: Be thread-safe on Windows too
2021-11-30 11:42:00 -05:00
vers
Fix make dist missing files (#228)
2016-12-15 12:15:56 -06:00
wind
rewrite fallthrough to HEIM_FALLTHROUGH to deal with new Apple SDKs
2022-09-16 15:58:45 -04:00
Makefile.am
gss: move GSS pre-auth helpers to convenience lib
2021-08-27 15:20:07 +10:00
NTMakefile
gss: move GSS pre-auth helpers to convenience lib
2021-08-27 15:20:07 +10:00