pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/heimdal heimdal: Fix CVE-2021-3671
details: https://anonhg.NetBSD.org/pkgsrc/rev/6c01ad24cd82
branches: trunk
changeset: 769615:6c01ad24cd82
user: wiz <wiz%pkgsrc.org@localhost>
date: Wed Nov 17 08:46:02 2021 +0000
description:
heimdal: Fix CVE-2021-3671
Patch from samba
Bump PKGREVISION.
diffstat:
security/heimdal/Makefile | 4 ++--
security/heimdal/distinfo | 3 ++-
security/heimdal/patches/patch-kdc_krb5tgs.c | 21 +++++++++++++++++++++
3 files changed, 25 insertions(+), 3 deletions(-)
diffs (51 lines):
diff -r 6323803a0068 -r 6c01ad24cd82 security/heimdal/Makefile
--- a/security/heimdal/Makefile Wed Nov 17 08:39:04 2021 +0000
+++ b/security/heimdal/Makefile Wed Nov 17 08:46:02 2021 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.150 2021/10/22 07:31:54 wiz Exp $
+# $NetBSD: Makefile,v 1.151 2021/11/17 08:46:02 wiz Exp $
DISTNAME= heimdal-7.7.0
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_GITHUB:=heimdal/}
GITHUB_RELEASE= ${DISTNAME}
diff -r 6323803a0068 -r 6c01ad24cd82 security/heimdal/distinfo
--- a/security/heimdal/distinfo Wed Nov 17 08:39:04 2021 +0000
+++ b/security/heimdal/distinfo Wed Nov 17 08:46:02 2021 +0000
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.52 2021/11/05 09:14:28 wiz Exp $
+$NetBSD: distinfo,v 1.53 2021/11/17 08:46:02 wiz Exp $
BLAKE2s (heimdal-7.7.0.tar.gz) = c56e08d20b8c4f7ce749e5dfbf643b2b8c0f1ca057719e95cc9eb69c48e49df6
SHA512 (heimdal-7.7.0.tar.gz) = 6660939b5a36ce36310721a08a089fb671d1e3d2e8ac74ea4775bfa5f8f772d32de805551456200fe96cc486c092c44beb84f5dd877008bc305490ee971bbf99
Size (heimdal-7.7.0.tar.gz) = 10189293 bytes
+SHA1 (patch-kdc_krb5tgs.c) = 76a5cd9031a44a51e5e11c1e1226ff1ae52b9628
SHA1 (patch-lib_hdb_hdb-mitdb.c) = 37fd0cc328986e68212c4eaea106c422dea87192
SHA1 (patch-lib_hx509_Makefile.in) = 1b691f89c71ace03898cbb6f167dcd1339ae46d3
diff -r 6323803a0068 -r 6c01ad24cd82 security/heimdal/patches/patch-kdc_krb5tgs.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/heimdal/patches/patch-kdc_krb5tgs.c Wed Nov 17 08:46:02 2021 +0000
@@ -0,0 +1,21 @@
+$NetBSD: patch-kdc_krb5tgs.c,v 1.1 2021/11/17 08:46:02 wiz Exp $
+
+Fix CVE-2021-3671
+Patch from samba
+https://gitlab.com/samba-team/samba/-/commit/0cb4b939f192376bf5e33637863a91a20f74c5a5
+via https://github.com/heimdal/heimdal/issues/849
+
+--- kdc/krb5tgs.c.orig 2019-06-07 06:21:39.000000000 +0000
++++ kdc/krb5tgs.c
+@@ -1660,6 +1660,11 @@ tgs_build_reply(krb5_context context,
+
+ s = &adtkt.cname;
+ r = adtkt.crealm;
++ } else if (s == NULL) {
++ ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;
++ krb5_set_error_message(context, ret, "No server in request");
++ goto out;
++
+ }
+
+ _krb5_principalname2krb5_principal(context, &sp, *s, r);
Home |
Main Index |
Thread Index |
Old Index