pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/mit-krb5 mit-krb5: Update to 1.18.3.
details: https://anonhg.NetBSD.org/pkgsrc/rev/dec1b3d77ce5
branches: trunk
changeset: 445045:dec1b3d77ce5
user: jperkin <jperkin%pkgsrc.org@localhost>
date: Sat Jan 16 09:00:22 2021 +0000
description:
mit-krb5: Update to 1.18.3.
Fixes issues the with autoconf 2.70 update and bison POSIX yacc errors.
Major changes in 1.18.3 (2020-11-17)
------------------------------------
This is a bug fix release.
* Fix a denial of service vulnerability when decoding Kerberos
protocol messages.
* Fix a locking issue with the LMDB KDB module which could cause KDC
and kadmind processes to lose access to the database.
* Fix an assertion failure when libgssapi_krb5 is repeatedly loaded
and unloaded while libkrb5support remains loaded.
krb5-1.18.3 changes by ticket ID
--------------------------------
7476 updated manual page for kvno
8614 Assertion failure when repeatedly loading libgssapi_krb5
8882 kdb5_util load ignores password expiration with LDAP KDB module
8918 KDC and kadmind fork with DB open, breaking LMDB KDB module
8926 Allow gss_unwrap_iov() of unpadded RC4 tokens
8933 Fix input length checking in SPNEGO DER decoding
8936 Set lockdown attribute when creating LDAP KDB
8938 Leash crashes on failure to auto-renew tickets
8939 Suppress Leash error popup on MSLSA renew failure
8959 Add recursion limit for ASN.1 indefinite lengths
8960 Fix compatibility with upcoming autoconf 2.70
diffstat:
security/mit-krb5/Makefile | 12 +---
security/mit-krb5/distinfo | 12 +++--
security/mit-krb5/patches/patch-kadmin_cli_getdate.y | 23 ++++++++++
security/mit-krb5/patches/patch-plugins_kdb_ldap_ldap__util_Makefile.in | 15 ++++++
4 files changed, 49 insertions(+), 13 deletions(-)
diffs (115 lines):
diff -r c949faf1b07b -r dec1b3d77ce5 security/mit-krb5/Makefile
--- a/security/mit-krb5/Makefile Sat Jan 16 08:59:38 2021 +0000
+++ b/security/mit-krb5/Makefile Sat Jan 16 09:00:22 2021 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.110 2020/10/08 19:52:36 gdt Exp $
+# $NetBSD: Makefile,v 1.111 2021/01/16 09:00:23 jperkin Exp $
BRANCHNAME= 1.18
-DISTNAME= krb5-${BRANCHNAME}.2
+DISTNAME= krb5-${BRANCHNAME}.3
PKGNAME= mit-${DISTNAME}
CATEGORIES= security
# It is not clear how stable this URL scheme is.
@@ -33,12 +33,7 @@
USE_LANGUAGES= c c++
USE_LIBTOOL= yes
GNU_CONFIGURE= yes
-USE_TOOLS+= autoconf gzip m4 msgfmt perl
-.if ${OPSYS} == "SunOS"
-USE_TOOLS+= bison
-.else
-USE_TOOLS+= yacc
-.endif
+USE_TOOLS+= autoconf bison gzip m4 msgfmt perl
# The actual KDC databases are stored in ${MIT_KRB5_STATEDIR}/krb5kdc.
MIT_KRB5_STATEDIR?= ${VARBASE}
@@ -59,6 +54,7 @@
CONFIGURE_ENV+= BUILDLINK_PREFIX_OPENSSL=${BUILDLINK_PREFIX.openssl}
CONFIGURE_ENV+= DEFKTNAME=FILE:${PKG_SYSCONFDIR}/krb5.keytab
MAKE_ENV+= ROOT_USER=${ROOT_USER}
+MAKE_ENV+= YFLAGS="-Wnone"
LIBS.SunOS= -lrt
OWN_DIRS_PERMS= ${MIT_KRB5_STATEDIR}/krb5kdc \
diff -r c949faf1b07b -r dec1b3d77ce5 security/mit-krb5/distinfo
--- a/security/mit-krb5/distinfo Sat Jan 16 08:59:38 2021 +0000
+++ b/security/mit-krb5/distinfo Sat Jan 16 09:00:22 2021 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.73 2020/10/08 00:23:14 gdt Exp $
+$NetBSD: distinfo,v 1.74 2021/01/16 09:00:23 jperkin Exp $
-SHA1 (krb5-1.18.2.tar.gz) = 547c4e4afa06dd39c888a9ee89397ec3c3425c90
-RMD160 (krb5-1.18.2.tar.gz) = 5943e2bb26477a6251a9b2fa5f5fecd1ffe276c3
-SHA512 (krb5-1.18.2.tar.gz) = 7cbb1b28e677fea3e0794e93951f3caaa2c49bb1175dd187951e72a466cc69d96c3b833d838000fe911c1a437d96a558e550f27c53a8b332fb9dfc7cbb7ec44c
-Size (krb5-1.18.2.tar.gz) = 8713927 bytes
+SHA1 (krb5-1.18.3.tar.gz) = fdbb31fab5bdea24fc464d09bdbc245740648f1a
+RMD160 (krb5-1.18.3.tar.gz) = b8a3c3542433442e18984456773b0a2749fc6282
+SHA512 (krb5-1.18.3.tar.gz) = cf0bf6cf8f622fa085954e6da998d952cf64dc7ccc319972ed81ea0542089cabf2d0e8243df84da01ad6f40584768ca2f02d108630c6741fa7b3d7d98c887c01
+Size (krb5-1.18.3.tar.gz) = 8715312 bytes
SHA1 (patch-Makefile.in) = 24f915d7a4340b9a4a454b9b67c94147fdc49c34
SHA1 (patch-aclocal.m4) = 07b5d9ae38c74eaea6ba62aed9062dca1bf7f3fb
SHA1 (patch-build-tools_krb5-config.in) = 4ab922df1d86d86f9ef043f2c5cdf048c0477d3a
@@ -15,6 +15,7 @@
SHA1 (patch-config_pre.in) = 255973132db9327190211214c3e33b4551bd283b
SHA1 (patch-config_shlib.conf) = c47a647307e7d883e7c22528b7b0f5ad038cbcb3
SHA1 (patch-include_osconf.hin) = d31a8164f417bc31a787c8e16d1bd24f27b7140d
+SHA1 (patch-kadmin_cli_getdate.y) = 81fda2911fabdcfe88085dae69ff44ea0b0608a1
SHA1 (patch-kadmin_cli_ss_wrapper.c) = e32e6180f8d508cb2eb18489ce2fef0a1ad0f51d
SHA1 (patch-kprop_kproplog.c) = 9b751de7eb70d026b54e15275bb878bdb0ce52eb
SHA1 (patch-lib_apputils_Makefile.in) = 085004041a2bb8c4bb3074c2e71e71f22f4f06d7
@@ -26,6 +27,7 @@
SHA1 (patch-lib_krb5_ccache_Makefile.in) = 330ae21ec3b290ae16478c2c49a138acac5bf2fd
SHA1 (patch-plugins_kdb_db2_Makefile.in) = f374fc5915b735075fbb751ef736f4ce54abc289
SHA1 (patch-plugins_kdb_db2_libdb2_Makefile.in) = b4b7e8e4192b5e5318f1e42c49315789619f3ae9
+SHA1 (patch-plugins_kdb_ldap_ldap__util_Makefile.in) = 7aa0f44cc02c523c837e7e3e1766624d2323deb9
SHA1 (patch-plugins_preauth_otp_Makefile.in) = 8c779e3b37cab4138f300f4a09325387092c79f8
SHA1 (patch-plugins_preauth_pkinit_Makefile.in) = c778366d5bd1cae85424643a582013101fc9632d
SHA1 (patch-util_k5ev_verto-k5ev.c) = 8f074ddccbaaa03576f0302437aed3aaad1b738d
diff -r c949faf1b07b -r dec1b3d77ce5 security/mit-krb5/patches/patch-kadmin_cli_getdate.y
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/mit-krb5/patches/patch-kadmin_cli_getdate.y Sat Jan 16 09:00:22 2021 +0000
@@ -0,0 +1,23 @@
+$NetBSD: patch-kadmin_cli_getdate.y,v 1.1 2021/01/16 09:00:23 jperkin Exp $
+
+Backport upstream fix https://github.com/krb5/krb5/commit/d3356bc4
+
+--- kadmin/cli/getdate.y.orig 2020-11-17 17:17:59.000000000 +0000
++++ kadmin/cli/getdate.y
+@@ -185,12 +185,10 @@ static time_t yyRelSeconds;
+ enum _MERIDIAN Meridian;
+ }
+
+-%token tAGO tDAY tDAYZONE tID tMERIDIAN tMINUTE_UNIT tMONTH tMONTH_UNIT
+-%token tSEC_UNIT tSNUMBER tUNUMBER tZONE tDST tNEVER
+-
+-%type <Number> tDAY tDAYZONE tMINUTE_UNIT tMONTH tMONTH_UNIT
+-%type <Number> tSEC_UNIT tSNUMBER tUNUMBER tZONE
+-%type <Meridian> tMERIDIAN o_merid
++%token tAGO tID tDST tNEVER
++%token <Number> tDAY tDAYZONE tMINUTE_UNIT tMONTH tMONTH_UNIT
++%token <Number> tSEC_UNIT tSNUMBER tUNUMBER tZONE tMERIDIAN
++%type <Meridian> o_merid
+
+ %%
+
diff -r c949faf1b07b -r dec1b3d77ce5 security/mit-krb5/patches/patch-plugins_kdb_ldap_ldap__util_Makefile.in
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/mit-krb5/patches/patch-plugins_kdb_ldap_ldap__util_Makefile.in Sat Jan 16 09:00:22 2021 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-plugins_kdb_ldap_ldap__util_Makefile.in,v 1.1 2021/01/16 09:00:23 jperkin Exp $
+
+Pass YFLAGS.
+
+--- plugins/kdb/ldap/ldap_util/Makefile.in.orig 2020-11-17 17:17:59.000000000 +0000
++++ plugins/kdb/ldap/ldap_util/Makefile.in
+@@ -19,7 +19,7 @@ $(PROG): $(OBJS) $(KADMSRV_DEPLIBS) $(KR
+
+ getdate.c: $(GETDATE)
+ $(RM) getdate.c y.tab.c
+- $(YACC) $(GETDATE)
++ $(YACC) $(YFLAGS) $(GETDATE)
+ $(MV) y.tab.c getdate.c
+
+ install:
Home |
Main Index |
Thread Index |
Old Index