Mon Aug 20 08:16:26 2012 UTC ()
Changes 1.10.3:
This is a bugfix release.
* Fix KDC uninitialized pointer vulnerabilities that could lead to a denial of
  service [CVE-2012-1014] or remote code execution [CVE-2012-1015].
* Correctly use default_tgs_enctypes instead of default_tkt_enctypes for TGS
  requests.


(adam)
diff -r1.59 -r1.60 pkgsrc/security/mit-krb5/Makefile
diff -r1.35 -r1.36 pkgsrc/security/mit-krb5/distinfo
cvs diff -r1.59 -r1.60 pkgsrc/security/mit-krb5/Makefile (expand / switch to unified diff)

--- pkgsrc/security/mit-krb5/Makefile 2012/08/09 20:15:20 1.59
+++ pkgsrc/security/mit-krb5/Makefile 2012/08/20 08:16:26 1.60
@@ -1,18 +1,17 @@ @@ -1,18 +1,17 @@
1# $NetBSD: Makefile,v 1.59 2012/08/09 20:15:20 marino Exp $ 1# $NetBSD: Makefile,v 1.60 2012/08/20 08:16:26 adam Exp $
2 2
3DISTNAME= krb5-1.10.2 3DISTNAME= krb5-1.10.3
4PKGNAME= mit-${DISTNAME} 4PKGNAME= mit-${DISTNAME}
5PKGREVISION= 1 
6CATEGORIES= security 5CATEGORIES= security
7MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/${PKGVERSION_NOREV:R}/ 6MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/${PKGVERSION_NOREV:R}/
8EXTRACT_SUFX= .tar 7EXTRACT_SUFX= .tar
9DISTFILES= ${DISTNAME}-signed${EXTRACT_SUFX} 8DISTFILES= ${DISTNAME}-signed${EXTRACT_SUFX}
10 9
11#PATCH_SITES= http://web.mit.edu/kerberos/advisories/ 10#PATCH_SITES= http://web.mit.edu/kerberos/advisories/
12#PATCHFILES= 2011-006-patch-r18.txt 11#PATCHFILES= 2011-006-patch-r18.txt
13 12
14MAINTAINER= tez@NetBSD.org 13MAINTAINER= tez@NetBSD.org
15HOMEPAGE= http://web.mit.edu/kerberos/ 14HOMEPAGE= http://web.mit.edu/kerberos/
16COMMENT= MIT Kerberos 5 authentication system 15COMMENT= MIT Kerberos 5 authentication system
17 16
18PKG_DESTDIR_SUPPORT= user-destdir 17PKG_DESTDIR_SUPPORT= user-destdir
cvs diff -r1.35 -r1.36 pkgsrc/security/mit-krb5/distinfo (expand / switch to unified diff)

--- pkgsrc/security/mit-krb5/distinfo 2012/07/16 19:12:33 1.35
+++ pkgsrc/security/mit-krb5/distinfo 2012/08/20 08:16:26 1.36
@@ -1,18 +1,18 @@ @@ -1,18 +1,18 @@
1$NetBSD: distinfo,v 1.35 2012/07/16 19:12:33 adam Exp $ 1$NetBSD: distinfo,v 1.36 2012/08/20 08:16:26 adam Exp $
2 2
3SHA1 (krb5-1.10.2-signed.tar) = 8b6e2c5bf0c65aacd368b3698add7888f2a7332d 3SHA1 (krb5-1.10.3-signed.tar) = 04ab9837e5d1958158bcb30bd6480201089a0cbb
4RMD160 (krb5-1.10.2-signed.tar) = 7d8c4a04389695082fd5c95767e49ca560ad953c 4RMD160 (krb5-1.10.3-signed.tar) = a1c370c8d39106e8e27651f78520e1cc93154731
5Size (krb5-1.10.2-signed.tar) = 11520000 bytes 5Size (krb5-1.10.3-signed.tar) = 11530240 bytes
6SHA1 (patch-aa) = 941848a1773dfbe51dff3134d4b8504a850a958d 6SHA1 (patch-aa) = 941848a1773dfbe51dff3134d4b8504a850a958d
7SHA1 (patch-ad) = b56a7218007560470179dd811c84b8c690c966ac 7SHA1 (patch-ad) = b56a7218007560470179dd811c84b8c690c966ac
8SHA1 (patch-ae) = c7395b9de5baf6612b8787fad55dbc051a680bfd 8SHA1 (patch-ae) = c7395b9de5baf6612b8787fad55dbc051a680bfd
9SHA1 (patch-af) = 1edab3a5f7eb6a7c5dc287e94ae4401c389dbabf 9SHA1 (patch-af) = 1edab3a5f7eb6a7c5dc287e94ae4401c389dbabf
10SHA1 (patch-ag) = 48c0ce35324f5757134c1c5da666bb0cb7a3aaa6 10SHA1 (patch-ag) = 48c0ce35324f5757134c1c5da666bb0cb7a3aaa6
11SHA1 (patch-ah) = 4e40f36e8969974b3c2f68b2e3636921133c57ba 11SHA1 (patch-ah) = 4e40f36e8969974b3c2f68b2e3636921133c57ba
12SHA1 (patch-aj) = 8a00ca30db3c9c3c9a2f7506cdc4c5b20f7f42c6 12SHA1 (patch-aj) = 8a00ca30db3c9c3c9a2f7506cdc4c5b20f7f42c6
13SHA1 (patch-ak) = 19d9b15048a5920ee15c82b33da50c40cf400e46 13SHA1 (patch-ak) = 19d9b15048a5920ee15c82b33da50c40cf400e46
14SHA1 (patch-al) = 7445639b82eadf9b1feb1448c1654fa6ddc937aa 14SHA1 (patch-al) = 7445639b82eadf9b1feb1448c1654fa6ddc937aa
15SHA1 (patch-cf) = 806b089d3b12ea9a17c6caab59cbdeb6ec17bbc3 15SHA1 (patch-cf) = 806b089d3b12ea9a17c6caab59cbdeb6ec17bbc3
16SHA1 (patch-cg) = 30b1e8943b0cbe67f37bac6883f4bdd82776e6d1 16SHA1 (patch-cg) = 30b1e8943b0cbe67f37bac6883f4bdd82776e6d1
17SHA1 (patch-ch) = 0f7f45aeb52907b52a2b143c3a2e36a7656c68c5 17SHA1 (patch-ch) = 0f7f45aeb52907b52a2b143c3a2e36a7656c68c5
18SHA1 (patch-ci) = 4e310f0a4dfe27cf94d0e63d623590691b6c5970 18SHA1 (patch-ci) = 4e310f0a4dfe27cf94d0e63d623590691b6c5970