oss-sec mailing list archives

Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization

From: Florian Weimer <fw () deneb enyo de>
Date: Tue, 24 Apr 2012 14:34:23 +0200

* Sebastian Krahmer:

Indeed, the point was to also check against fscaps:

https://bugzilla.novell.com/show_bug.cgi?id=694598

At least it should be considered for future builds. The mount.nfs
case was only interesting for the suid bit.


Okay.  Our mount.nfs doesn't seem to use libgssglue.  I wonder if you
use a different code base, or if this is something that's going to be
come relevant to use with a newer upstream version, too.

Current thread:

Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization Florian Weimer (Apr 24)
- Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization Sebastian Krahmer (Apr 24)
  - Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization Florian Weimer (Apr 24)
    - Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization Sebastian Krahmer (Apr 24)
    - Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization Florian Weimer (Apr 24)