add fix for CVE-2010-1323 from http://web.mit.edu/kerberos/advisories/2010-007-patch-r15.txtdiff -r1.49 -r1.50 pkgsrc/security/mit-krb5/Makefile
(tez)
| @@ -1,18 +1,18 @@ | @@ -1,18 +1,18 @@ | |||
| 1 | # $NetBSD: Makefile,v 1.49 2010/05/20 14:21:23 tez Exp $ | 1 | # $NetBSD: Makefile,v 1.50 2010/12/03 20:11:31 tez Exp $ | |
| 2 | 2 | |||
| 3 | DISTNAME= krb5-1.4.2 | 3 | DISTNAME= krb5-1.4.2 | |
| 4 | PKGNAME= mit-${DISTNAME:S/-signed$//} | 4 | PKGNAME= mit-${DISTNAME:S/-signed$//} | |
| 5 | PKGREVISION= 10 | 5 | PKGREVISION= 11 | |
| 6 | CATEGORIES= security | 6 | CATEGORIES= security | |
| 7 | MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/1.4/ | 7 | MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/1.4/ | |
| 8 | DISTFILES= ${DISTNAME}-signed${EXTRACT_SUFX} | 8 | DISTFILES= ${DISTNAME}-signed${EXTRACT_SUFX} | |
| 9 | EXTRACT_SUFX= .tar | 9 | EXTRACT_SUFX= .tar | |
| 10 | 10 | |||
| 11 | MAINTAINER= tez@NetBSD.org | 11 | MAINTAINER= tez@NetBSD.org | |
| 12 | HOMEPAGE= http://web.mit.edu/kerberos/www/ | 12 | HOMEPAGE= http://web.mit.edu/kerberos/www/ | |
| 13 | COMMENT= MIT Kerberos 5 authentication system | 13 | COMMENT= MIT Kerberos 5 authentication system | |
| 14 | 14 | |||
| 15 | PKG_DESTDIR_SUPPORT= user-destdir | 15 | PKG_DESTDIR_SUPPORT= user-destdir | |
| 16 | MAKE_JOBS_SAFE= no | 16 | MAKE_JOBS_SAFE= no | |
| 17 | 17 | |||
| 18 | WRKSRC= ${WRKDIR}/${DISTNAME}/src | 18 | WRKSRC= ${WRKDIR}/${DISTNAME}/src |
| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | $NetBSD: distinfo,v 1.25 2010/05/20 14:21:23 tez Exp $ | 1 | $NetBSD: distinfo,v 1.26 2010/12/03 20:11:31 tez Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (krb5-1.4.2-signed.tar) = bbc03bd319d539fb9523c2545d80ba0784522e88 | 3 | SHA1 (krb5-1.4.2-signed.tar) = bbc03bd319d539fb9523c2545d80ba0784522e88 | |
| 4 | RMD160 (krb5-1.4.2-signed.tar) = 44500f5fab8e5959cf43f17f5f52f68e2dc73a1f | 4 | RMD160 (krb5-1.4.2-signed.tar) = 44500f5fab8e5959cf43f17f5f52f68e2dc73a1f | |
| 5 | Size (krb5-1.4.2-signed.tar) = 6696960 bytes | 5 | Size (krb5-1.4.2-signed.tar) = 6696960 bytes | |
| 6 | SHA1 (patch-aa) = 17e0934ea2ef21b3457fba54cf3d1c36de2da479 | 6 | SHA1 (patch-aa) = 17e0934ea2ef21b3457fba54cf3d1c36de2da479 | |
| 7 | SHA1 (patch-ab) = 9650a9c8b6191d6feb99c01ba37b2e60f266e6e9 | 7 | SHA1 (patch-ab) = 9650a9c8b6191d6feb99c01ba37b2e60f266e6e9 | |
| 8 | SHA1 (patch-ac) = 10884715858367214a562d7d631312c7f8ca1e0e | 8 | SHA1 (patch-ac) = 10884715858367214a562d7d631312c7f8ca1e0e | |
| 9 | SHA1 (patch-ad) = c0beee554840aa80dba0e72bda21b4cf63ec2044 | 9 | SHA1 (patch-ad) = c0beee554840aa80dba0e72bda21b4cf63ec2044 | |
| 10 | SHA1 (patch-ae) = fc6d5e11cd827cdfbe1bfc3a3c7ca9f5a71c17d7 | 10 | SHA1 (patch-ae) = fc6d5e11cd827cdfbe1bfc3a3c7ca9f5a71c17d7 | |
| 11 | SHA1 (patch-af) = c9631743e3c93aee2aab5c8a370e9bebfc4084e5 | 11 | SHA1 (patch-af) = c9631743e3c93aee2aab5c8a370e9bebfc4084e5 | |
| 12 | SHA1 (patch-ag) = 5da57455f36a2bd40e0f97db94e93249e90e0b8e | 12 | SHA1 (patch-ag) = 5da57455f36a2bd40e0f97db94e93249e90e0b8e | |
| 13 | SHA1 (patch-ah) = 59a6bfc341a22234b38db406abe83b0d6d358a9f | 13 | SHA1 (patch-ah) = 59a6bfc341a22234b38db406abe83b0d6d358a9f | |
| 14 | SHA1 (patch-ai) = 5b0f1ae222e50eb0eb3ed98c79188318ae0969b5 | 14 | SHA1 (patch-ai) = 5b0f1ae222e50eb0eb3ed98c79188318ae0969b5 | |
| @@ -43,13 +43,17 @@ SHA1 (patch-bk) = 9bf37086a4e7661e8aacc2 | @@ -43,13 +43,17 @@ SHA1 (patch-bk) = 9bf37086a4e7661e8aacc2 | |||
| 43 | SHA1 (patch-bl) = d1239c8c8279680a97f7c555907ac1b4ccfca6b4 | 43 | SHA1 (patch-bl) = d1239c8c8279680a97f7c555907ac1b4ccfca6b4 | |
| 44 | SHA1 (patch-bm) = d8e46f448fa4a51e3b8a42279cf1ab54b0598dd3 | 44 | SHA1 (patch-bm) = d8e46f448fa4a51e3b8a42279cf1ab54b0598dd3 | |
| 45 | SHA1 (patch-bn) = 82c6f98474f31e1e231d3e89d6a24e20ec7fd123 | 45 | SHA1 (patch-bn) = 82c6f98474f31e1e231d3e89d6a24e20ec7fd123 | |
| 46 | SHA1 (patch-bo) = dcfeab32537f8b89e3ed6a52a69601e3e7822e35 | 46 | SHA1 (patch-bo) = dcfeab32537f8b89e3ed6a52a69601e3e7822e35 | |
| 47 | SHA1 (patch-bp) = 5308176a1229b5ac0d0f24eb2f657fdf48935f80 | 47 | SHA1 (patch-bp) = 5308176a1229b5ac0d0f24eb2f657fdf48935f80 | |
| 48 | SHA1 (patch-bq) = 546e2b0260e4197b44f1f5a6f7a03f72125c768b | 48 | SHA1 (patch-bq) = 546e2b0260e4197b44f1f5a6f7a03f72125c768b | |
| 49 | SHA1 (patch-br) = da7884aa9a1ba79e7e31416bf06f74bcc71b2c01 | 49 | SHA1 (patch-br) = da7884aa9a1ba79e7e31416bf06f74bcc71b2c01 | |
| 50 | SHA1 (patch-bs) = b652562c4e545d41fbbfa6676b10b68823ebfbd8 | 50 | SHA1 (patch-bs) = b652562c4e545d41fbbfa6676b10b68823ebfbd8 | |
| 51 | SHA1 (patch-bt) = 1398369698cc9c029957723c25dbdf53754cf373 | 51 | SHA1 (patch-bt) = 1398369698cc9c029957723c25dbdf53754cf373 | |
| 52 | SHA1 (patch-bu) = bf0688bd703c3dcfa27934e0a6bc43230251512e | 52 | SHA1 (patch-bu) = bf0688bd703c3dcfa27934e0a6bc43230251512e | |
| 53 | SHA1 (patch-bv) = b07fc44dcc577bffece1eb85f5f93e4c10a58e00 | 53 | SHA1 (patch-bv) = b07fc44dcc577bffece1eb85f5f93e4c10a58e00 | |
| 54 | SHA1 (patch-bw) = ffdf13931306b15b9282863926f769f079ffe8f9 | 54 | SHA1 (patch-bw) = ffdf13931306b15b9282863926f769f079ffe8f9 | |
| 55 | SHA1 (patch-bx) = d0e54b7e50f066c0680e982bb251c763e9104e24 | 55 | SHA1 (patch-bx) = d0e54b7e50f066c0680e982bb251c763e9104e24 | |
| 56 | SHA1 (patch-ca) = 93c234c007f2dafa0221d1bd1d3ed4953fc116c9 | |||
| 57 | SHA1 (patch-cb) = 9d892ed2993178085dd7df565afb794fe18f0f06 | |||
| 58 | SHA1 (patch-cc) = 6fe639b33da7756f6e9ad1a03e2f40d74ddb9c6d | |||
| 59 | SHA1 (patch-cd) = 8339ac4305865b8e540a0f1bb14c1f1478447c0b |
$NetBSD: patch-ca,v 1.1 2010/12/03 20:11:31 tez Exp $
CVE-2010-1323 fix
--- lib/crypto/keyed_checksum_types.c.orig 2010-12-03 11:36:00.476825900 -0600
+++ lib/crypto/keyed_checksum_types.c 2010-12-03 11:37:44.915328600 -0600
@@ -51,6 +51,15 @@
{
unsigned int i, c;
+ if (enctype == ENCTYPE_ARCFOUR_HMAC ||
+ enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
+ *count = 1;
+ if ((*cksumtypes = malloc(sizeof(krb5_cksumtype))) == NULL)
+ return(ENOMEM);
+ (*cksumtypes)[0] = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+ return(0);
+ }
+
c = 0;
for (i=0; i<krb5_cksumtypes_length; i++) {
if ((krb5_cksumtypes_list[i].keyhash &&
$NetBSD: patch-cb,v 1.1 2010/12/03 20:11:31 tez Exp $
CVE-2010-1323 fix
--- lib/crypto/dk/derive.c.orig 2010-12-03 11:38:08.683111800 -0600
+++ lib/crypto/dk/derive.c 2010-12-03 11:38:50.395857000 -0600
@@ -40,6 +40,8 @@
keybytes = enc->keybytes;
keylength = enc->keylength;
+ if (blocksize == 1)
+ return(KRB5_BAD_ENCTYPE);
if ((inkey->length != keylength) ||
(outkey->length != keylength))
return(KRB5_CRYPTO_INTERNAL);
$NetBSD: patch-cc,v 1.1 2010/12/03 20:11:31 tez Exp $
CVE-2010-1323 fix
--- lib/krb5/krb/preauth2.c.orig 2010-12-03 11:39:40.124063600 -0600
+++ lib/krb5/krb/preauth2.c 2010-12-03 11:41:33.300010400 -0600
@@ -665,7 +665,9 @@
cksum = sc2->sam_cksum;
- while (*cksum) {
+ for (; *cksum; cksum++) {
+ if (!krb5_c_is_keyed_cksum((*cksum)->checksum_type))
+ continue;
/* Check this cksum */
retval = krb5_c_verify_checksum(context, as_key,
KRB5_KEYUSAGE_PA_SAM_CHALLENGE_CKSUM,
@@ -679,7 +681,6 @@
}
if (valid_cksum)
break;
- cksum++;
}
if (!valid_cksum) {
$NetBSD: patch-cd,v 1.1 2010/12/03 20:11:31 tez Exp $
CVE-2010-1323 fix
--- lib/krb5/krb/mk_safe.c.orig 2010-12-03 11:41:53.890970000 -0600
+++ lib/krb5/krb/mk_safe.c 2010-12-03 11:44:00.588325800 -0600
@@ -212,10 +212,29 @@
for (i = 0; i < nsumtypes; i++)
if (auth_context->safe_cksumtype == sumtypes[i])
break;
- if (i == nsumtypes)
- i = 0;
- sumtype = sumtypes[i];
krb5_free_cksumtypes (context, sumtypes);
+ if (i < nsumtypes)
+ sumtype = auth_context->safe_cksumtype;
+ else {
+ switch (keyblock->enctype) {
+ case ENCTYPE_DES_CBC_MD4:
+ sumtype = CKSUMTYPE_RSA_MD4_DES;
+ break;
+ case ENCTYPE_DES_CBC_MD5:
+ case ENCTYPE_DES_CBC_CRC:
+ sumtype = CKSUMTYPE_RSA_MD5_DES;
+ break;
+ default:
+ retval = krb5int_c_mandatory_cksumtype(context,
+ keyblock->enctype,
+ &sumtype);
+ if (retval) {
+ CLEANUP_DONE();
+ goto error;
+ }
+ break;
+ }
+ }
}
if ((retval = krb5_mk_safe_basic(context, userdata, keyblock, &replaydata,
plocal_fulladdr, premote_fulladdr,