View Issue Details

IDProjectCategoryView StatusLast Update
0015883CentOS-7krb5public2019-03-01 16:22
Status closedResolutionwon't fix 
Product Version7.5.1804 
Target VersionFixed in Version 
Summary0015883: Trying to cve-2018-20217 in krb5
DescriptionWe are currently using the following.


We are trying to fix CVE by patching upstream fix available in 1.17.

Removed the assert as suggested by patch and trying to rebuild source RPM and RPM but getting following errors.

making check in kadm5/unit-test...
Error! Command: kadm5_create_principal $server_handle [simple_principal $whoami] {KADM5_PRINCIPAL} $whoami
Error: ERROR KADM5_DUP {Principal or policy already exists}
setkey-test.c: In function 'main':
setkey-test.c:145:27: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
             for (i = 0; i < sizeof(pw); i++)
+ Test 0:
./client-setkey-test: Principal does not exist while setting keys

Is this fixable in CentOS?
Steps To Reproduce1. Downloaded latest source
2. Tried to build SRPM and RPM using krb5.spec given and then we are getting errors stated in description.




2019-03-01 16:22

manager   ~0033924

CentOS is a rebuild of the sources used to build RHEL. We do not fix bugs ourselves, we wait for RH to fix them in RHEL and release the updated source and once that is done then it is rebuilt for CentOS. To get a bug fixed in CentOS you have to wait for RH to fix it in RHEL.

The error you are getting looks like a problem in your build environment and not a problem in the source. If you look at the build.log from for the currently released packages, they do not have the error though they do contain the warning about comparison though that can be ignored as it is cosmetic.

Issue History

Date Modified Username Field Change
2019-03-01 06:30 rlinga New Issue
2019-03-01 06:30 rlinga Tag Attached: krb5
2019-03-01 16:22 TrevorH Status new => closed
2019-03-01 16:22 TrevorH Resolution open => won't fix
2019-03-01 16:22 TrevorH Note Added: 0033924