>>>>> "Salvatore" == Salvatore Bonaccorso <car...@debian.org> writes:

    >> Will fix for unstable tomorrow.

    Salvatore> Thank you.

    >> I'm still trying to understand the practical impact. Do you
    >> think you're going to want to issue a DSA for stable?

    Salvatore> We were originally thinking so (and Moritz added krb5 to
    Salvatore> the DSA needed list), as at least for 32-bit architectures
    Salvatore> it might be possible to go beyond denial of service and
    Salvatore> potentially leading to remote code execution. But if your
    Salvatore> assessment on the issue makes you confident it's not DSA
    Salvatore> worthy we can re-evaluate.

I strongly encourage a DSA.

There's the 32-bit issue, but I'm also concerned about what happens if
there is a cross-realm trust. I think the issue is that with cross-realm
trust you may be able to get the KDC to produce a PAC containing
out-of-bounds memory and send it out. And then if you have a service
that can decrypt that PAC, look at that memory, possibly including
service keys. So it may lead to an entire realm compromise.

What I can't entirely tell is whether that's limited to 32-bit
architectures or whether you could potentially have that happen on
64-bit architectures. Either way that's really bad.