diff options
author | tron <tron@pkgsrc.org> | 2010-05-20 22:23:50 +0000 |
---|---|---|
committer | tron <tron@pkgsrc.org> | 2010-05-20 22:23:50 +0000 |
commit | bc2b2da38e07889c4e4a32c9c996c1e4dff11b7a (patch) | |
tree | 65ac7e958b50b58dc6014d5843a4878feaeff65f /security/mit-krb5/patches/patch-bx | |
parent | 72aa1fef9ea4f97e26c42a03787d4d41131589ec (diff) | |
download | pkgsrc-bc2b2da38e07889c4e4a32c9c996c1e4dff11b7a.tar.gz |
Pullup ticket #3127 - requested by tez
security/mit-krb5: security patch
Revisions pulled up:
- security/mit-krb5/Makefile 1.49
- security/mit-krb5/distinfo 1.25
- security/mit-krb5/patches/patch-bx 1.1
---
Module Name: pkgsrc
Committed By: tez
Date: Thu May 20 14:21:23 UTC 2010
Modified Files:
pkgsrc/security/mit-krb5: Makefile distinfo
Added Files:
pkgsrc/security/mit-krb5/patches: patch-bx
Log Message:
fix CVE-2010-1321 (MITKRB5-SA-2010-005) and take maintainership
Diffstat (limited to 'security/mit-krb5/patches/patch-bx')
-rw-r--r-- | security/mit-krb5/patches/patch-bx | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/security/mit-krb5/patches/patch-bx b/security/mit-krb5/patches/patch-bx new file mode 100644 index 00000000000..831723af105 --- /dev/null +++ b/security/mit-krb5/patches/patch-bx @@ -0,0 +1,19 @@ +$NetBSD: patch-bx,v 1.1.2.2 2010/05/20 22:23:50 tron Exp $ +fix http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-005.txt + +--- lib/gssapi/krb5/accept_sec_context.c.orig 2010-05-20 07:13:48.258046700 -0500 ++++ lib/gssapi/krb5/accept_sec_context.c 2010-05-20 07:16:20.228175200 -0500 +@@ -423,6 +423,13 @@ + } + #endif + ++ if (authdat->checksum == NULL) { ++ /* missing checksum counts as "inappropriate type" */ ++ code = KRB5KRB_AP_ERR_INAPP_CKSUM; ++ major_status = GSS_S_FAILURE; ++ goto fail; ++ } ++ + { + /* gss krb5 v1 */ + |