Sun Oct 15 12:06:58 2017 UTC ()
Pullup ticket #5569 - requested by sevan
security/mit-krb5: security update

Revisions pulled up:
- security/mit-krb5/Makefile                                    1.95
- security/mit-krb5/distinfo                                    1.62
- security/mit-krb5/patches/patch-CVE-2017-11368                deleted

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tez
   Date:           Tue Oct 10 21:22:53 UTC 2017

   Modified Files:
           pkgsrc/security/mit-krb5: Makefile distinfo
   Removed Files:
           pkgsrc/security/mit-krb5/patches: patch-CVE-2017-11368

   Log Message:
   mit-krb5: update to 1.14.6

   Major changes in 1.14.6 (2017-09-25)

   This is a bug fix release.

       Fix a KDC denial of service vulnerability caused by unset status
   strings [CVE-2017-11368]
       Preserve GSS contexts on init/accept failure [CVE-2017-11462]
       Fix kadm5 setkey operation with LDAP KDB module
       Use a ten-second timeout after successful connection for HTTPS KDC
   requests, as we do for TCP requests
       Fix client null dereference when KDC offers encrypted challenge
   without FAST

   To generate a diff of this commit:
   cvs rdiff -u -r1.94 -r1.95 pkgsrc/security/mit-krb5/Makefile
   cvs rdiff -u -r1.61 -r1.62 pkgsrc/security/mit-krb5/distinfo
   cvs rdiff -u -r1.1 -r0 pkgsrc/security/mit-krb5/patches/patch-CVE-2017-11368


(spz)
diff -r1.94 -r1.94.4.1 pkgsrc/security/mit-krb5/Makefile
diff -r1.61 -r1.61.4.1 pkgsrc/security/mit-krb5/distinfo
diff -r1.1 -r0 pkgsrc/security/mit-krb5/patches/patch-CVE-2017-11368
cvs diff -r1.94 -r1.94.4.1 pkgsrc/security/mit-krb5/Makefile (expand / switch to unified diff)

--- pkgsrc/security/mit-krb5/Makefile 2017/08/21 22:19:26 1.94
+++ pkgsrc/security/mit-krb5/Makefile 2017/10/15 12:06:58 1.94.4.1
@@ -1,18 +1,17 @@ @@ -1,18 +1,17 @@
1# $NetBSD: Makefile,v 1.94 2017/08/21 22:19:26 tez Exp $ 1# $NetBSD: Makefile,v 1.94.4.1 2017/10/15 12:06:58 spz Exp $
2 2
3DISTNAME= krb5-1.14.5 3DISTNAME= krb5-1.14.6
4PKGNAME= mit-${DISTNAME} 4PKGNAME= mit-${DISTNAME}
5PKGREVISION= 1 
6CATEGORIES= security 5CATEGORIES= security
7MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/${PKGVERSION_NOREV:R}/ 6MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/${PKGVERSION_NOREV:R}/
8EXTRACT_SUFX= .tar.gz 7EXTRACT_SUFX= .tar.gz
9DISTFILES= ${DISTNAME}${EXTRACT_SUFX} 8DISTFILES= ${DISTNAME}${EXTRACT_SUFX}
10 9
11#PATCH_SITES= http://web.mit.edu/kerberos/advisories/ 10#PATCH_SITES= http://web.mit.edu/kerberos/advisories/
12#PATCHFILES= 2014-001-patch.txt 11#PATCHFILES= 2014-001-patch.txt
13 12
14MAINTAINER= tez@NetBSD.org 13MAINTAINER= tez@NetBSD.org
15HOMEPAGE= http://web.mit.edu/kerberos/ 14HOMEPAGE= http://web.mit.edu/kerberos/
16COMMENT= MIT Kerberos 5 authentication system 15COMMENT= MIT Kerberos 5 authentication system
17 16
18MAKE_JOBS_SAFE= no 17MAKE_JOBS_SAFE= no
cvs diff -r1.61 -r1.61.4.1 pkgsrc/security/mit-krb5/distinfo (expand / switch to unified diff)

--- pkgsrc/security/mit-krb5/distinfo 2017/08/21 22:19:26 1.61
+++ pkgsrc/security/mit-krb5/distinfo 2017/10/15 12:06:58 1.61.4.1
@@ -1,19 +1,19 @@ @@ -1,19 +1,19 @@
1$NetBSD: distinfo,v 1.61 2017/08/21 22:19:26 tez Exp $ 1$NetBSD: distinfo,v 1.61.4.1 2017/10/15 12:06:58 spz Exp $
2 2
3SHA1 (krb5-1.14.5.tar.gz) = 3b8d8c4a09350f8807a8e6eb9971617755a4521f 3SHA1 (krb5-1.14.6.tar.gz) = ea7928a3368ae6d8ecf29a70f70598091f226740
4RMD160 (krb5-1.14.5.tar.gz) = 673087853a1ce9551d69516e01fbfd888feff717 4RMD160 (krb5-1.14.6.tar.gz) = 7e9f8192845d11108a3c48dd707d7d4bc5dd0a29
5SHA512 (krb5-1.14.5.tar.gz) = 2484f9581b5e0b99cc49ba7f8770ea3a8751e756c98cc552d92ca223575eac58f6f1a9c268254ead4435d2d49b50ccf3181eb7bdbd56874c43f91bcfc2a66d3b 5SHA512 (krb5-1.14.6.tar.gz) = 8a88193e40aa60bb10dc57028a7c83aaac48cfded5d369b9f5383851854f1ea3df3587f7bce8b22d4e5cf2ce5825eb37c8d85684abad29da04db34e8f7962ca7
6Size (krb5-1.14.5.tar.gz) = 12322802 bytes 6Size (krb5-1.14.6.tar.gz) = 12326355 bytes
7SHA1 (patch-CVE-2017-11368) = 91551099d48690c051ada72889bc645706775eb1 7SHA1 (patch-CVE-2017-11368) = 91551099d48690c051ada72889bc645706775eb1
8SHA1 (patch-Makefile.in) = 11ead9de708f4da99233b66df2cf906b156faa87 8SHA1 (patch-Makefile.in) = 11ead9de708f4da99233b66df2cf906b156faa87
9SHA1 (patch-aa) = 941848a1773dfbe51dff3134d4b8504a850a958d 9SHA1 (patch-aa) = 941848a1773dfbe51dff3134d4b8504a850a958d
10SHA1 (patch-ae) = c7395b9de5baf6612b8787fad55dbc051a680bfd 10SHA1 (patch-ae) = c7395b9de5baf6612b8787fad55dbc051a680bfd
11SHA1 (patch-aj) = 4ab922df1d86d86f9ef043f2c5cdf048c0477d3a 11SHA1 (patch-aj) = 4ab922df1d86d86f9ef043f2c5cdf048c0477d3a
12SHA1 (patch-al) = 7445639b82eadf9b1feb1448c1654fa6ddc937aa 12SHA1 (patch-al) = 7445639b82eadf9b1feb1448c1654fa6ddc937aa
13SHA1 (patch-cf) = 806b089d3b12ea9a17c6caab59cbdeb6ec17bbc3 13SHA1 (patch-cf) = 806b089d3b12ea9a17c6caab59cbdeb6ec17bbc3
14SHA1 (patch-cg) = 30b1e8943b0cbe67f37bac6883f4bdd82776e6d1 14SHA1 (patch-cg) = 30b1e8943b0cbe67f37bac6883f4bdd82776e6d1
15SHA1 (patch-cj) = 78342f649f8e9d3a3b5a4f83e65b6c46f589586b 15SHA1 (patch-cj) = 78342f649f8e9d3a3b5a4f83e65b6c46f589586b
16SHA1 (patch-config_lib.in) = 974db26486b3239e4fcd53be7280b32c802f6007 16SHA1 (patch-config_lib.in) = 974db26486b3239e4fcd53be7280b32c802f6007
17SHA1 (patch-config_libnover.in) = 53f539cf98a961483e2b4ccf278c7376dbcf52d9 17SHA1 (patch-config_libnover.in) = 53f539cf98a961483e2b4ccf278c7376dbcf52d9
18SHA1 (patch-config_pre.in) = 9b02fd3db8785ff570885eeca7ad377a315b6317 18SHA1 (patch-config_pre.in) = 9b02fd3db8785ff570885eeca7ad377a315b6317
19SHA1 (patch-config_shlib.conf) = c47a647307e7d883e7c22528b7b0f5ad038cbcb3 19SHA1 (patch-config_shlib.conf) = c47a647307e7d883e7c22528b7b0f5ad038cbcb3
File Deleted: pkgsrc/security/mit-krb5/patches/Attic/patch-CVE-2017-11368