pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2004Q4]: pkgsrc/security/mit-krb5 Pullup ticket 182 - requeste...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/ce06c889dce9
branches:  pkgsrc-2004Q4
changeset: 485772:ce06c889dce9
user:      snj <snj%pkgsrc.org@localhost>
date:      Thu Dec 23 04:22:12 2004 +0000

description:
Pullup ticket 182 - requested by Johnny C. Lam
security fix for mit-krb5

Module Name:    pkgsrc
Committed By:   jlam
Date:           Thu Dec 23 04:02:39 UTC 2004

Modified Files:
        pkgsrc/security/mit-krb5: Makefile distinfo

Log Message:
Update security/mit-krb5 to 1.3.6.

        NOTE: THIS IS A SECURITY UPDATE.

Changes from version 1.3.4 include:

* [2841] Fix heap buffer overflow in password history
  mechanism. [MITKRB5-SA-2004-004]

* [2682] Fix ftpd hang caused by empty PASS command.

* [2686] Fix double-free errors. [MITKRB5-SA-2004-002]

* [2687] Fix denial-of-service vulnerability in ASN.1
  decoder. [MITKRB5-SA-2004-003]

diffstat:

 security/mit-krb5/Makefile |  40 +++++++++++++---------------------------
 security/mit-krb5/distinfo |  10 +++-------
 2 files changed, 16 insertions(+), 34 deletions(-)

diffs (81 lines):

diff -r 21738d7cfd79 -r ce06c889dce9 security/mit-krb5/Makefile
--- a/security/mit-krb5/Makefile        Thu Dec 23 03:46:53 2004 +0000
+++ b/security/mit-krb5/Makefile        Thu Dec 23 04:22:12 2004 +0000
@@ -1,9 +1,11 @@
-# $NetBSD: Makefile,v 1.14 2004/10/03 00:18:10 tv Exp $
+# $NetBSD: Makefile,v 1.14.2.1 2004/12/23 04:22:12 snj Exp $
 
-DISTNAME=      krb5-1.3.4
-PKGNAME=       mit-${DISTNAME}
-PKGREVISION=   3
+DISTNAME=      krb5-1.3.6
+PKGNAME=       mit-${DISTNAME:S/-signed$//}
 CATEGORIES=    security
+MASTER_SITES=  http://web.mit.edu/kerberos/dist/krb5/1.3/
+DISTFILES=     ${DISTNAME}-signed${EXTRACT_SUFX}
+EXTRACT_SUFX=  .tar
 
 MAINTAINER=    jlam%NetBSD.org@localhost
 HOMEPAGE=      http://web.mit.edu/kerberos/www/
@@ -15,29 +17,6 @@
 
 .include "../../mk/bsd.prefs.mk"
 
-USE_MIT_KRB5_MASTER_SITE?=     yes
-.if !empty(USE_MIT_KRB5_MASTER_SITE:M[yY][eE][sS])
-MASTER_SITES=  http://web.mit.edu/kerberos/dist/krb5/1.3/
-EXTRACT_SUFX=  .tar
-
-post-extract:
-       cd ${WRKDIR} && ${PAX} -O -rzf ${WRKDIR}/${DISTNAME}.tar.gz
-.else
-MASTER_SITES=  http://www.crypto-publish.org/dist/mit-kerberos5/ \
-               http://www.mirrors.wiretapped.net/security/cryptography/apps/kerberos/krb5-mit/unix/
-EXTRACT_SUFX=  .tar.gz
-.endif
-
-# Patches to fix MIT-krb5 security advisories.
-MITKRB5_SA_2004_002_PATCH=     2004-002-patch_1.3.4.txt
-MITKRB5_SA_2004_003_PATCH=     2004-003-patch_1.3.4.txt
-.for _patch_ in ${MITKRB5_SA_2004_002_PATCH} ${MITKRB5_SA_2004_003_PATCH}
-PATCHFILES+=                   ${_patch_}
-SITES_${_patch_}=              http://web.mit.edu/kerberos/advisories/
-PATCH_DIST_STRIP.${_patch_}=   -p1
-PATCH_DIST_CAT.${_patch_}=     ${CAT} ${_patch_}
-.endfor
-
 CONFLICTS+=    heimdal-[0-9]*
 CONFLICTS+=    kth-krb4-[0-9]*
 
@@ -114,6 +93,13 @@
 
 INSTALLATION_DIRS=     bin info lib sbin
 
+# The MIT krb5 distribution is actually a tar file that contains the
+# real .tar.gz distfile and a PGP signature.
+#
+post-extract:
+       @extract_file="${WRKDIR}/${DISTNAME}.tar.gz";                   \
+       cd ${WRKDIR} && ${EXTRACT_CMD}
+
 pre-configure:
        @cd ${WRKSRC}; ${FIND} . -name configure -print |               \
        ${XARGS} -n 1 ${DIRNAME} |                                      \
diff -r 21738d7cfd79 -r ce06c889dce9 security/mit-krb5/distinfo
--- a/security/mit-krb5/distinfo        Thu Dec 23 03:46:53 2004 +0000
+++ b/security/mit-krb5/distinfo        Thu Dec 23 04:22:12 2004 +0000
@@ -1,11 +1,7 @@
-$NetBSD: distinfo,v 1.6 2004/09/07 01:47:28 jlam Exp $
+$NetBSD: distinfo,v 1.6.4.1 2004/12/23 04:22:12 snj Exp $
 
-SHA1 (krb5-1.3.4.tar) = 4d6ae36055fce9d2aea5ae9349cdd81f803c6052
-Size (krb5-1.3.4.tar) = 6369280 bytes
-SHA1 (2004-002-patch_1.3.4.txt) = 20bc11080433a1025f3f0f03a88664d4c055e6f9
-Size (2004-002-patch_1.3.4.txt) = 7196 bytes
-SHA1 (2004-003-patch_1.3.4.txt) = 81c12ad33e4b5a76cd309deec23e4578773e22d5
-Size (2004-003-patch_1.3.4.txt) = 592 bytes
+SHA1 (krb5-1.3.6-signed.tar) = 5d9c7a594a0fc972d220e5bc345e8680a89e7b6d
+Size (krb5-1.3.6-signed.tar) = 6533120 bytes
 SHA1 (patch-aa) = 2f4e62e7c8cdee2f58f8dd5b385faea0253c0aa5
 SHA1 (patch-ab) = b9f2f54f9ecfe9eaa168bb68b695a454ac044b9d
 SHA1 (patch-ac) = e1282a6f00e439d83444f5d8f81dceab863ab1d5



Home | Main Index | Thread Index | Old Index