authortron <tron>2012-06-09 15:34:08 +0000
committertron <tron>2012-06-09 15:34:08 +0000
commite688f49e70feb332425cce76172977362bb771ab (patch)
treefc7a826e144aec76b2f9d077c929ac076a865b23
parentc2a1c489a49185479f9c60a8d3030cfeec658b46 (diff)
downloadpkgsrc-e688f49e70feb332425cce76172977362bb771ab.tar.gz
Pullup ticket #3831 - requested by tez
security/mit-krb5: security patch Revisions pulled up: - security/mit-krb5/Makefile 1.57 - security/mit-krb5/distinfo 1.34 - security/mit-krb5/patches/patch-lib_kadm5_srv_svr__principal.c 1.1 --- Module Name: pkgsrc Committed By: tez Date: Wed Jun 6 18:17:46 UTC 2012 Modified Files: pkgsrc/security/mit-krb5: Makefile distinfo Added Files: pkgsrc/security/mit-krb5/patches: patch-lib_kadm5_srv_svr__principal.c Log Message: Fix for CVE-2012-1013 from: https://github.com/krb5/krb5/commit/ca2909440015d33be42e77d1955194963d8c0955
-rw-r--r--security/mit-krb5/Makefile3
-rw-r--r--security/mit-krb5/distinfo6
-rw-r--r--security/mit-krb5/patches/patch-lib_kadm5_srv_svr__principal.c16
3 files changed, 20 insertions, 5 deletions
diff --git a/security/mit-krb5/Makefile b/security/mit-krb5/Makefile
index 7d2fc75669f..3da61602a6a 100644
--- a/security/mit-krb5/Makefile
+++ b/security/mit-krb5/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.56 2012/02/26 13:14:19 adam Exp $
+# $NetBSD: Makefile,v 1.56.2.1 2012/06/09 15:34:08 tron Exp $
DISTNAME= krb5-1.8.6
PKGNAME= mit-${DISTNAME}
+PKGREVISION= 1
CATEGORIES= security
MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/1.8/
EXTRACT_SUFX= .tar
diff --git a/security/mit-krb5/distinfo b/security/mit-krb5/distinfo
index fcee86724c3..a2f7ec9b340 100644
--- a/security/mit-krb5/distinfo
+++ b/security/mit-krb5/distinfo
@@ -1,8 +1,5 @@
-$NetBSD: distinfo,v 1.33 2012/02/26 13:14:19 adam Exp $
+$NetBSD: distinfo,v 1.33.2.1 2012/06/09 15:34:08 tron Exp $
-SHA1 (2011-006-patch-r18.txt) = 30b66b6c5dce537d66874ac58e622b3f6e992ac6
-RMD160 (2011-006-patch-r18.txt) = 829a6d2dc876190996e90e0a6a43e2d018cbaaa5
-Size (2011-006-patch-r18.txt) = 2908 bytes
SHA1 (krb5-1.8.6-signed.tar) = 0a1356c6680578f683b6ffd33044f6f02d69b315
RMD160 (krb5-1.8.6-signed.tar) = 3faad0306482f99c1467d045767090d298a20ce4
Size (krb5-1.8.6-signed.tar) = 11950080 bytes
@@ -22,4 +19,5 @@ SHA1 (patch-ch) = 0e36012b43c498b8920f204bab2ba9a68f8c851a
SHA1 (patch-ci) = 4e310f0a4dfe27cf94d0e63d623590691b6c5970
SHA1 (patch-cj) = 78342f649f8e9d3a3b5a4f83e65b6c46f589586b
SHA1 (patch-ck) = 87b7704ca9de02880ef8b3dbb097e87d0252bd4b
+SHA1 (patch-lib_kadm5_srv_svr__principal.c) = fd8f677ece32ae5ca1b5d66932e79115eb4d982d
SHA1 (patch-lib_krb5_asn.1_asn1buf.h) = a1e46ca9256aea4facc1d41841b1707b044a69e7
diff --git a/security/mit-krb5/patches/patch-lib_kadm5_srv_svr__principal.c b/security/mit-krb5/patches/patch-lib_kadm5_srv_svr__principal.c
new file mode 100644
index 00000000000..85184ff1732
--- /dev/null
+++ b/security/mit-krb5/patches/patch-lib_kadm5_srv_svr__principal.c
@@ -0,0 +1,16 @@
+$NetBSD: patch-lib_kadm5_srv_svr__principal.c,v 1.1.2.2 2012/06/09 15:34:09 tron Exp $
+
+Fix for CVE-2012-1013 from:
+ https://github.com/krb5/krb5/commit/ca2909440015d33be42e77d1955194963d8c0955
+
+--- lib/kadm5/srv/svr_principal.c.orig 2012-06-06 17:25:54.168189200 +0000
++++ lib/kadm5/srv/svr_principal.c
+@@ -196,7 +196,7 @@ check_1_6_dummy(kadm5_principal_ent_t en
+ char *password = *passptr;
+
+ /* Old-style randkey operations disallowed tickets to start. */
+- if (!(mask & KADM5_ATTRIBUTES) ||
++ if (password == NULL || !(mask & KADM5_ATTRIBUTES) ||
+ !(entry->attributes & KRB5_KDB_DISALLOW_ALL_TIX))
+ return;
+
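Review bot: The new `password == NULL` test in check_1_6_dummy is undocumented, because the comment directly above the `if` still describes only the attribute check. I would add a line such as `/* A request may arrive without a password; there is nothing to inspect, so leave *passptr untouched. */` before the condition. The early return leaves `*passptr` NULL, so the fix appears to depend on the caller coping with a NULL password once this function returns. That caller is outside the hunk, and since the patch was taken from an upstream commit it is worth confirming against the 1.8.6 tree. The function body also continues past the end of the hunk, so the dereference that this guard protects is not visible here.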