File fix-gssapi-null-dereference.patch of Package ipsec-tools.2290
From: Seth Arnold <seth.arnold@canonical.com>
Subject: fix gssapi null dereference
References: bsc#931989, CVE-2015-4047
Acked-by: Jiri Bohac <jbohac@suse.cz>
--- a/src/racoon/gssapi.c 2015-05-22 13:48:59.319851047 +0200
+++ b/src/racoon/gssapi.c 2015-05-22 13:49:29.156775646 +0200
@@ -192,6 +192,11 @@
gss_name_t princ, canon_princ;
OM_uint32 maj_stat, min_stat;
+ if (iph1->rmconf == NULL) {
+ plog(LLV_ERROR, LOCATION, NULL, "no remote config\n");
+ return -1;
+ }
+
gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state));
if (gps == NULL) {
plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n");