Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_168720198324190" MIME-Version: 1.0 Date: Mon, 19 Jun 2023 19:13:03 +0000 
From: "Taylor R Campbell" Subject: CVS commit: pkgsrc/security/heimdal To: pkgsrc-changes@NetBSD.org Approved: commit_and_comment Reply-To: riastradh@netbsd.org X-Mailer: log_accum Message-Id: <20230619191303.6CFD8FA89@cvs.NetBSD.org> This is a multi-part message in MIME format. --_----------=_168720198324190 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: riastradh Date: Mon Jun 19 19:13:03 UTC 2023 Modified Files: pkgsrc/security/heimdal: Makefile distinfo Added Files: pkgsrc/security/heimdal/patches: patch-lib_krb5_store-int.c Log Message: security/heimdal: Patch CVE-2022-42898 away. To generate a diff of this commit: cvs rdiff -u -r1.159 -r1.160 pkgsrc/security/heimdal/Makefile cvs rdiff -u -r1.56 -r1.57 pkgsrc/security/heimdal/distinfo cvs rdiff -u -r0 -r1.1 \ pkgsrc/security/heimdal/patches/patch-lib_krb5_store-int.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_168720198324190 Content-Disposition: inline Content-Length: 2286 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/security/heimdal/Makefile diff -u pkgsrc/security/heimdal/Makefile:1.159 pkgsrc/security/heimdal/Makefile:1.160 --- pkgsrc/security/heimdal/Makefile:1.159 Tue Jun 6 12:42:13 2023 +++ pkgsrc/security/heimdal/Makefile Mon Jun 19 19:13:03 2023 
@@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.159 2023/06/06 12:42:13 riastradh Exp $ +# $NetBSD: Makefile,v 1.160 2023/06/19 19:13:03 riastradh Exp $ DISTNAME= heimdal-7.8.0 -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GITHUB:=heimdal/} GITHUB_RELEASE= ${DISTNAME} Index: pkgsrc/security/heimdal/distinfo diff -u pkgsrc/security/heimdal/distinfo:1.56 pkgsrc/security/heimdal/distinfo:1.57 --- pkgsrc/security/heimdal/distinfo:1.56 Wed Feb 8 07:41:25 2023 +++ pkgsrc/security/heimdal/distinfo Mon Jun 19 19:13:03 2023 @@ -1,6 +1,7 @@ -$NetBSD: distinfo,v 1.56 2023/02/08 07:41:25 wiz Exp $ +$NetBSD: distinfo,v 1.57 2023/06/19 19:13:03 riastradh Exp $ BLAKE2s (heimdal-7.8.0.tar.gz) = 3f2654141605a1f54611c887ec8a7f55e45b00696983207d5779ad830e485cb8 SHA512 (heimdal-7.8.0.tar.gz) = 0167345aca77d65b7a1113874eee5b65ec6e1fec1f196d57e571265409fa35ef95a673a4fd4aafbb0ab5fb5b246b97412353a68d6613a8aff6393a9f1e72999e Size (heimdal-7.8.0.tar.gz) = 10024936 bytes SHA1 (patch-lib_gssapi_krb5_arcfour.c) = 7d70da6a8dfffd7f71eae70f1a6fa6fc18d0df3c +SHA1 (patch-lib_krb5_store-int.c) = ba539b1cce3ac5a1e7e436dfcdcf632aa61e41e3 Added files: Index: pkgsrc/security/heimdal/patches/patch-lib_krb5_store-int.c diff -u /dev/null pkgsrc/security/heimdal/patches/patch-lib_krb5_store-int.c:1.1 --- /dev/null Mon Jun 19 19:13:03 2023 +++ pkgsrc/security/heimdal/patches/patch-lib_krb5_store-int.c Mon Jun 19 19:13:03 2023 
@@ -0,0 +1,16 @@ +$NetBSD: patch-lib_krb5_store-int.c,v 1.1 2023/06/19 19:13:03 riastradh Exp $ + +Fix CVE-2022-42898 for 32-bit systems. +https://github.com/heimdal/heimdal/issues/1161 + +--- lib/krb5/store-int.c.orig 2022-09-15 22:59:25.000000000 +0000 ++++ lib/krb5/store-int.c +@@ -49,7 +49,7 @@ KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_ + _krb5_get_int64(void *buffer, uint64_t *value, size_t size) + { + unsigned char *p = buffer; +- unsigned long v = 0; ++ uint64_t v = 0; + size_t i; + for (i = 0; i < size; i++) + v = (v << 8) + p[i]; --_----------=_168720198324190--
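Review bot: in the `_krb5_get_int64` hunk of patch-lib_krb5_store-int.c, the visible loop `for (i = 0; i < size; i++) v = (v << 8) + p[i];` shows no bound on `size`, so even with `v` widened to `uint64_t` a `size` greater than 8 would still shift the leading bytes out of the accumulator without any error. If the rest of the function does not already reject that, a check such as `size <= sizeof(uint64_t)` before the loop would close the remaining truncation case. The patch comment "Fix CVE-2022-42898 for 32-bit systems" could also state the reason in one line: `unsigned long` is 32 bits wide on ILP32 targets, so the old accumulator could not hold the 64-bit value that the `uint64_t *value` parameter is declared to receive.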