svn commit: r378417 - in head/security: krb5 krb5-111 krb5-112
Cy Schubert
cy at FreeBSD.org
Wed Feb 4 20:47:07 UTC 2015
Author: cy
Date: Wed Feb 4 20:47:04 2015
New Revision: 378417
URL: https://svnweb.freebsd.org/changeset/ports/378417
QAT: https://qat.redports.org/buildarchive/r378417/
Log:
Address: krb5 -- Vulnerabilities in kadmind, libgssrpc,
gss_process_context_token VU#540092
CVE-2014-5352: gss_process_context_token() incorrectly frees context
CVE-2014-9421: kadmind doubly frees partial deserialization results
CVE-2014-9422: kadmind incorrectly validates server principal name
CVE-2014-9423: libgssrpc server applications leak uninitialized bytes
Security: VUXML: 24ce5597-acab-11e4-a847-206a8a720317
Security: MIT KRB5: VU#540092
Security: CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
Modified:
head/security/krb5-111/Makefile
head/security/krb5-111/distinfo
head/security/krb5-112/Makefile
head/security/krb5-112/distinfo
head/security/krb5/Makefile
head/security/krb5/distinfo
Modified: head/security/krb5-111/Makefile
==============================================================================
--- head/security/krb5-111/Makefile Wed Feb 4 20:44:21 2015 (r378416)
+++ head/security/krb5-111/Makefile Wed Feb 4 20:47:04 2015 (r378417)
@@ -3,12 +3,13 @@
PORTNAME= krb5
PORTVERSION= 1.11.5
-PORTREVISION= 3
+PORTREVISION= 4
CATEGORIES= security
MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/
PKGNAMESUFFIX= -111
DISTNAME= krb5-${PORTVERSION}-signed
EXTRACT_SUFX= .tar
+PATCHFILES= 2015-001-patch-r111.txt
PATCH_SITES= http://web.mit.edu/kerberos/advisories/
PATCH_DIST_STRIP= -p2
Modified: head/security/krb5-111/distinfo
==============================================================================
--- head/security/krb5-111/distinfo Wed Feb 4 20:44:21 2015 (r378416)
+++ head/security/krb5-111/distinfo Wed Feb 4 20:47:04 2015 (r378417)
@@ -1,2 +1,4 @@
SHA256 (krb5-1.11.5-signed.tar) = d3cee29a50b510526fa692c7c23832df60d4d1cfa66de21e288a897bed6b98c2
SIZE (krb5-1.11.5-signed.tar) = 11714560
+SHA256 (2015-001-patch-r111.txt) = d7e1ac2abf76e546680d2789d11aaafe3119a13bbdcd1008b742efea016816e2
+SIZE (2015-001-patch-r111.txt) = 12128
Modified: head/security/krb5-112/Makefile
==============================================================================
--- head/security/krb5-112/Makefile Wed Feb 4 20:44:21 2015 (r378416)
+++ head/security/krb5-112/Makefile Wed Feb 4 20:47:04 2015 (r378417)
@@ -3,11 +3,13 @@
PORTNAME= krb5
PORTVERSION= 1.12.2
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/
PKGNAMESUFFIX= -112
DISTNAME= ${PORTNAME}-${PORTVERSION}-signed
EXTRACT_SUFX= .tar
+PATCHFILES= 2015-001-patch-r112.txt
PATCH_SITES= http://web.mit.edu/kerberos/advisories/
PATCH_DIST_STRIP= -p2
Modified: head/security/krb5-112/distinfo
==============================================================================
--- head/security/krb5-112/distinfo Wed Feb 4 20:44:21 2015 (r378416)
+++ head/security/krb5-112/distinfo Wed Feb 4 20:47:04 2015 (r378417)
@@ -1,2 +1,4 @@
SHA256 (krb5-1.12.2-signed.tar) = 09bd180107b5c2b3b7378c57c023fb02a103d4cac39d6f2dd600275d7a4f3744
SIZE (krb5-1.12.2-signed.tar) = 11991040
+SHA256 (2015-001-patch-r112.txt) = 75d1d070293fef7faa2c5ffbe8de4afaefb95449564e7dd5da458588ba637449
+SIZE (2015-001-patch-r112.txt) = 12130
Modified: head/security/krb5/Makefile
==============================================================================
--- head/security/krb5/Makefile Wed Feb 4 20:44:21 2015 (r378416)
+++ head/security/krb5/Makefile Wed Feb 4 20:47:04 2015 (r378417)
@@ -3,10 +3,12 @@
PORTNAME= krb5
PORTVERSION= 1.13
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/
DISTNAME= ${PORTNAME}-${PORTVERSION}-signed
EXTRACT_SUFX= .tar
+PATCHFILES= 2015-001-patch-r113.txt
PATCH_SITES= http://web.mit.edu/kerberos/advisories/
PATCH_DIST_STRIP= -p2
@@ -67,7 +69,13 @@ PLIST_SUB+= LDAP="@comment "
.endif
.if ${PORT_OPTIONS:MREADLINE}
+.if ${OSVERSION} >= 1100000
+# libtool has some gas with libreadline in 11-CURRENT.
+BUILD_DEPENDS+= ${LOCALBASE}/lib/libreadline.so.6:${PORTSDIR}/devel/readline
+LIB_DEPENDS+= ${LOCALBASE}/lib/libreadline.so.6:${PORTSDIR}/devel/readline
+.else
USES+= readline:port
+.endif
CONFIGURE_ARGS+= --with-readline
.endif
Modified: head/security/krb5/distinfo
==============================================================================
--- head/security/krb5/distinfo Wed Feb 4 20:44:21 2015 (r378416)
+++ head/security/krb5/distinfo Wed Feb 4 20:47:04 2015 (r378417)
@@ -1,2 +1,4 @@
SHA256 (krb5-1.13-signed.tar) = dc8f79ae9ab777d0f815e84ed02ac4ccfe3d5826eb4947a195dfce9fd95a9582
SIZE (krb5-1.13-signed.tar) = 12083200
+SHA256 (2015-001-patch-r113.txt) = c41cb0dd88abb53543697a6e91832d6e0639a99a811c3092904eff03fa4b5ec6
+SIZE (2015-001-patch-r113.txt) = 12569
More information about the svn-ports-head
mailing list