pkgsrc-changes: CVS commit: [pkgsrc-2005Q4] pkgsrc/security/heimdal

Subject: CVS commit: [pkgsrc-2005Q4] pkgsrc/security/heimdal
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 02/08/2006 15:59:36
Module Name:	pkgsrc
Committed By:	salo
Date:		Wed Feb  8 15:59:35 UTC 2006

Modified Files:
	pkgsrc/security/heimdal [pkgsrc-2005Q4]: Makefile distinfo
Removed Files:
	pkgsrc/security/heimdal/patches [pkgsrc-2005Q4]: patch-ab patch-ae
	    patch-af patch-ag patch-ah patch-ai patch-aj patch-ak

Log Message:
Pullup ticket 1106 - requested by Love Hornquist Astrand
security update for heimdal

Revisions pulled up:
- pkgsrc/security/heimdal/Makefile		1.54
- pkgsrc/security/heimdal/distinfo		1.19
- pkgsrc/security/heimdal/patches/patch-ab	removed
- pkgsrc/security/heimdal/patches/patch-ak	removed
- pkgsrc/security/heimdal/patches/patch-ae	removed
- pkgsrc/security/heimdal/patches/patch-af	removed
- pkgsrc/security/heimdal/patches/patch-ag	removed
- pkgsrc/security/heimdal/patches/patch-ah	removed
- pkgsrc/security/heimdal/patches/patch-ai	removed
- pkgsrc/security/heimdal/patches/patch-aj	removed

   Module Name:		pkgsrc
   Committed By:	lha
   Date:		Tue Feb  7 12:20:52 UTC 2006

   Modified Files:
   	pkgsrc/security/heimdal: Makefile distinfo
   Removed Files:
   	pkgsrc/security/heimdal/patches: patch-ab patch-ae patch-af
   	    patch-ag patch-ah patch-ai patch-aj patch-ak

   Log Message:
   http://www.pdc.kth.se/heimdal/releases/0.7.2/
   http://www.pdc.kth.se/heimdal/advisory/2006-02-06/

   Changes in Heimdal 0.7.2

   * Fix security problem in rshd that enable an attacker to overwrite
     and change ownership of any file that root could write.
   * Fix a DOS in telnetd. The attacker could force the server to crash
     in a NULL de-reference before the user logged in, resulting in inetd
     turning telnetd off because it forked too fast.
   * Make gss_acquire_cred(GSS_C_ACCEPT) check that the requested name
     exists in the keytab before returning success. This allows servers
     to check if its even possible to use GSSAPI.
   * Fix receiving end of token delegation for GSS-API. It still wrongly
     uses subkey for sending for compatibility reasons, this will change
     in 0.8.
   * telnetd, login and rshd are now more verbose in logging failed and
     successful logins.
   * Bug fixes


To generate a diff of this commit:
cvs rdiff -r1.49 -r1.49.2.1 pkgsrc/security/heimdal/Makefile
cvs rdiff -r1.18 -r1.18.2.1 pkgsrc/security/heimdal/distinfo
cvs rdiff -r1.2 -r0 pkgsrc/security/heimdal/patches/patch-ab \
    pkgsrc/security/heimdal/patches/patch-ak
cvs rdiff -r1.5 -r0 pkgsrc/security/heimdal/patches/patch-ae
cvs rdiff -r1.3 -r0 pkgsrc/security/heimdal/patches/patch-af \
    pkgsrc/security/heimdal/patches/patch-ag \
    pkgsrc/security/heimdal/patches/patch-ah
cvs rdiff -r1.1 -r0 pkgsrc/security/heimdal/patches/patch-ai \
    pkgsrc/security/heimdal/patches/patch-aj

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.