diff options
author | adam <adam@pkgsrc.org> | 2013-05-09 08:40:05 +0000 |
---|---|---|
committer | adam <adam@pkgsrc.org> | 2013-05-09 08:40:05 +0000 |
commit | 32787e11b99a477ee8142301436d9e1e1b5db2d0 (patch) | |
tree | 11deb41192785b84d73337e6bc21c9df96958622 /security/mit-krb5 | |
parent | 918e7fa2f12992444563e10341877966c871e728 (diff) | |
download | pkgsrc-32787e11b99a477ee8142301436d9e1e1b5db2d0.tar.gz |
Changes 1.10.5:
This is a bugfix release. The krb5-1.10 release series is in maintenance, and for new deployments, installers should prefer the krb5-1.11 release series or later.
* Fix KDC null pointer dereference in TGS-REQ handling [CVE-2013-1416]
* Incremental propagation could erroneously act as if a slave's database were current after the slave received a full dump that failed to load.
Diffstat (limited to 'security/mit-krb5')
-rw-r--r-- | security/mit-krb5/Makefile | 5 | ||||
-rw-r--r-- | security/mit-krb5/distinfo | 9 | ||||
-rw-r--r-- | security/mit-krb5/patches/patch-kdc_do_tgs_req.c | 27 |
3 files changed, 6 insertions, 35 deletions
diff --git a/security/mit-krb5/Makefile b/security/mit-krb5/Makefile index c3e372c0010..90051336734 100644 --- a/security/mit-krb5/Makefile +++ b/security/mit-krb5/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.68 2013/04/23 22:09:44 tez Exp $ +# $NetBSD: Makefile,v 1.69 2013/05/09 08:40:05 adam Exp $ -DISTNAME= krb5-1.10.4 -PKGREVISION= 1 +DISTNAME= krb5-1.10.5 PKGNAME= mit-${DISTNAME} CATEGORIES= security MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/${PKGVERSION_NOREV:R}/ diff --git a/security/mit-krb5/distinfo b/security/mit-krb5/distinfo index 686404755f6..6f0e67c2cd9 100644 --- a/security/mit-krb5/distinfo +++ b/security/mit-krb5/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.41 2013/04/23 22:09:44 tez Exp $ +$NetBSD: distinfo,v 1.42 2013/05/09 08:40:05 adam Exp $ -SHA1 (krb5-1.10.4-signed.tar) = 2b4a0743b95b09cb433d25909e599de27c352f10 -RMD160 (krb5-1.10.4-signed.tar) = 1dbf18f1a02744941ebde3b1db93b2e63e59afcd -Size (krb5-1.10.4-signed.tar) = 11632640 bytes +SHA1 (krb5-1.10.5-signed.tar) = 5c94637ee2355dc0e032abadec4ad207d0f04022 +RMD160 (krb5-1.10.5-signed.tar) = 4800d2da6cf68dacf3e116a29f443010220f3237 +Size (krb5-1.10.5-signed.tar) = 11632640 bytes SHA1 (patch-aa) = 941848a1773dfbe51dff3134d4b8504a850a958d SHA1 (patch-ad) = b56a7218007560470179dd811c84b8c690c966ac SHA1 (patch-ae) = c7395b9de5baf6612b8787fad55dbc051a680bfd @@ -19,6 +19,5 @@ SHA1 (patch-ci) = 4e310f0a4dfe27cf94d0e63d623590691b6c5970 SHA1 (patch-cj) = 78342f649f8e9d3a3b5a4f83e65b6c46f589586b SHA1 (patch-ck) = 37bfef80329f8ae0fb35c35e70032a0040ba5591 SHA1 (patch-kadmin_dbutil_dump.c) = 4b49c116dbed9e6be4a0bf0a731c3ae82808d82e -SHA1 (patch-kdc_do_tgs_req.c) = a7c89338eab17f98c5e2b5d426b3696cc9b4b081 SHA1 (patch-lib_krb5_asn.1_asn1buf.h) = a1e46ca9256aea4facc1d41841b1707b044a69e7 SHA1 (patch-util_k5ev_verto-k5ev.c) = 79a2be64fa4f9b0dc3a333271e8a3ff7944e5c18 diff --git a/security/mit-krb5/patches/patch-kdc_do_tgs_req.c b/security/mit-krb5/patches/patch-kdc_do_tgs_req.c deleted file mode 100644 index a3fa5abff2f..00000000000 --- a/security/mit-krb5/patches/patch-kdc_do_tgs_req.c +++ /dev/null @@ -1,27 +0,0 @@ -$NetBSD: patch-kdc_do_tgs_req.c,v 1.1 2013/04/23 22:09:44 tez Exp $ - -Fix for CVE-2013-1416 from: - http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=7600 - ---- kdc/do_tgs_req.c.orig 2013-04-17 20:50:13.528009200 +0000 -+++ kdc/do_tgs_req.c -@@ -1141,7 +1141,8 @@ prep_reprocess_req(krb5_kdc_req *request - retval = ENOMEM; - goto cleanup; - } -- strlcpy(comp1_str,comp1->data,comp1->length+1); -+ if (comp1->data != NULL) -+ memcpy(comp1_str, comp1->data, comp1->length); - - if ((krb5_princ_type(kdc_context, request->server) == KRB5_NT_SRV_HST || - krb5_princ_type(kdc_context, request->server) == KRB5_NT_SRV_INST || -@@ -1164,7 +1165,8 @@ prep_reprocess_req(krb5_kdc_req *request - retval = ENOMEM; - goto cleanup; - } -- strlcpy(temp_buf, comp2->data,comp2->length+1); -+ if (comp2->data != NULL) -+ memcpy(temp_buf, comp2->data, comp2->length); - retval = krb5int_get_domain_realm_mapping(kdc_context, temp_buf, &realms); - free(temp_buf); - if (retval) { |