CVS commit: pkgsrc/security/heimdal

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/heimdal
From: "Thomas Klausner" <wiz%netbsd.org@localhost>
Date: Wed, 17 Nov 2021 08:46:02 +0000

Module Name:    pkgsrc
Committed By:   wiz
Date:           Wed Nov 17 08:46:02 UTC 2021

Modified Files:
        pkgsrc/security/heimdal: Makefile distinfo
Added Files:
        pkgsrc/security/heimdal/patches: patch-kdc_krb5tgs.c

Log Message:
heimdal: Fix CVE-2021-3671

Patch from samba

Bump PKGREVISION.


To generate a diff of this commit:
cvs rdiff -u -r1.150 -r1.151 pkgsrc/security/heimdal/Makefile
cvs rdiff -u -r1.52 -r1.53 pkgsrc/security/heimdal/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/security/heimdal/patches/patch-kdc_krb5tgs.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/heimdal/Makefile
diff -u pkgsrc/security/heimdal/Makefile:1.150 pkgsrc/security/heimdal/Makefile:1.151
--- pkgsrc/security/heimdal/Makefile:1.150      Fri Oct 22 07:31:54 2021
+++ pkgsrc/security/heimdal/Makefile    Wed Nov 17 08:46:02 2021
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.150 2021/10/22 07:31:54 wiz Exp $
+# $NetBSD: Makefile,v 1.151 2021/11/17 08:46:02 wiz Exp $
 
 DISTNAME=      heimdal-7.7.0
-PKGREVISION=   1
+PKGREVISION=   2
 CATEGORIES=    security
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=heimdal/}
 GITHUB_RELEASE=        ${DISTNAME}

Index: pkgsrc/security/heimdal/distinfo
diff -u pkgsrc/security/heimdal/distinfo:1.52 pkgsrc/security/heimdal/distinfo:1.53
--- pkgsrc/security/heimdal/distinfo:1.52       Fri Nov  5 09:14:28 2021
+++ pkgsrc/security/heimdal/distinfo    Wed Nov 17 08:46:02 2021
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.52 2021/11/05 09:14:28 wiz Exp $
+$NetBSD: distinfo,v 1.53 2021/11/17 08:46:02 wiz Exp $
 
 BLAKE2s (heimdal-7.7.0.tar.gz) = c56e08d20b8c4f7ce749e5dfbf643b2b8c0f1ca057719e95cc9eb69c48e49df6
 SHA512 (heimdal-7.7.0.tar.gz) = 6660939b5a36ce36310721a08a089fb671d1e3d2e8ac74ea4775bfa5f8f772d32de805551456200fe96cc486c092c44beb84f5dd877008bc305490ee971bbf99
 Size (heimdal-7.7.0.tar.gz) = 10189293 bytes
+SHA1 (patch-kdc_krb5tgs.c) = 76a5cd9031a44a51e5e11c1e1226ff1ae52b9628
 SHA1 (patch-lib_hdb_hdb-mitdb.c) = 37fd0cc328986e68212c4eaea106c422dea87192
 SHA1 (patch-lib_hx509_Makefile.in) = 1b691f89c71ace03898cbb6f167dcd1339ae46d3

Added files:

Index: pkgsrc/security/heimdal/patches/patch-kdc_krb5tgs.c
diff -u /dev/null pkgsrc/security/heimdal/patches/patch-kdc_krb5tgs.c:1.1
--- /dev/null   Wed Nov 17 08:46:02 2021
+++ pkgsrc/security/heimdal/patches/patch-kdc_krb5tgs.c Wed Nov 17 08:46:02 2021
@@ -0,0 +1,21 @@
+$NetBSD: patch-kdc_krb5tgs.c,v 1.1 2021/11/17 08:46:02 wiz Exp $
+
+Fix CVE-2021-3671
+Patch from samba
+https://gitlab.com/samba-team/samba/-/commit/0cb4b939f192376bf5e33637863a91a20f74c5a5
+via https://github.com/heimdal/heimdal/issues/849
+
+--- kdc/krb5tgs.c.orig 2019-06-07 06:21:39.000000000 +0000
++++ kdc/krb5tgs.c
+@@ -1660,6 +1660,11 @@ tgs_build_reply(krb5_context context,
+ 
+       s = &adtkt.cname;
+       r = adtkt.crealm;
++    } else if (s == NULL) {
++      ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;
++      krb5_set_error_message(context, ret, "No server in request");
++      goto out;
++
+     }
+ 
+     _krb5_principalname2krb5_principal(context, &sp, *s, r);

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index