kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
308934 commits 42 branches 80 tags 2.7 GiB
Commit graph

67 commits

Author SHA1 Message Date
Cy Schubert
a4fd0aa8da Replace local patch file with identical MIT patch. 
Security:	FreeBSD-SA-11:08.telnetd, CVE-2011-4862, MITKRB5-SA-2011-008
Feature safe:	yes
 2011-12-30 01:02:33 +00:00
Cy Schubert
bec162cca7 Fix when an encryption key is supplied via the TELNET protocol, its length 
is not validated before the key is copied into a fixed-size buffer.

Security:	FreeBSD-SA-11:08.telnetd, CVE-2011-4862
Feature safe:	yes
 2011-12-26 21:38:58 +00:00
Cy Schubert
e77de6bf9e Update 1.0.1 --> 1.0.2 
Feature safe:	yes
 2011-11-16 21:13:03 +00:00
Cy Schubert
7fdc13c337 Fix build under 9.0-CURRENT. 2011-09-01 05:08:54 +00:00
Cy Schubert
9830515729 Welcome to krb5-appl-1.0. MIT split the Kerberos applications from the 
base Kerberos distribution, creating krb5-appl.
 2010-04-26 03:54:16 +00:00
Cy Schubert
531428d00d Fix libtool 2.2 issue. 2009-10-13 06:24:28 +00:00
Cy Schubert
e7a3c62a9f Welcome the new Kerberos V 1.7. 
PR:		138246
 2009-08-28 23:35:15 +00:00
Cy Schubert
14ff4ec24c Fixes for multiple vulnerabilities. 
Security:	US-CERT Technical Cyber Security Alert TA08-079B --
			MIT Kerberos Updates for Multiple Vulnerabilities
		US-CERT Vulnerability Note VU#895609,
		US-CERT Vulnerability Note VU#374121
		MIT krb5 Security Advisory 2008-001
		MIT krb5 Security Advisory 2008-002
 2008-03-19 19:26:53 +00:00
Cy Schubert
55bf5d1092 Fix build under 7.0-PRERELEASE. 2007-10-29 22:49:49 +00:00
Cy Schubert
c44c48c59e Fix erroneous patch. 
PR:		117469
Submitted by:	Karen Andrews <dearmiss@optusnet.com.au>
 2007-10-25 21:15:23 +00:00
Cy Schubert
b4d312cbea Remove defunct (zero length) patch files. 
Pointy hat to:		yours truly
 2007-05-02 21:17:33 +00:00
Cy Schubert
9abfecf5f8 Update from 1.6 to 1.6.1. 2007-04-23 22:10:09 +00:00
Cy Schubert
ec9ba12ea8 MIT KRB5 Security patches: 
1. MIT krb5 Security Advisory 2007-001: Telnetd allows login as arbitrary user
   CVE: CVE-2007-0956
   CERT: VU#220816

2. MIT krb5 Security Advisory 2007-002: KDC, kadmind stack overflow in krb5_klog_syslog
   CVE: CVE-2007-0957
   CERT: VU#704024
 2007-04-04 21:12:17 +00:00
Cy Schubert
d3dd8048be Fix double-free vulnerability in kadmind (via GSS-API library). 
Obtained from:	MIT krb5 Security Advisory 2007-003
Security:	US-CERT Technical Cyber Security Alert TA07-093B -- MIT Kerberos Vulnerabilities
 2007-04-04 01:40:12 +00:00
Pav Lucistnik
0925dae118 - Fix after objformat removal 
Reported by:	pointyhat
 2007-03-28 17:31:59 +00:00
Cy Schubert
99854179ca Update 1.5.1 --> 1.6 
Security:	MITKRB5-SA-2006-002,  MITKRB5-SA-2006-003, and
		US-CERT Technical Cyber Security Alert TA07-009B
 2007-01-10 05:06:45 +00:00
Cy Schubert
f647e41ca2 Update krb5-1.5 --> krb5-1.5.1 
Submitted by:	Paul Vixie <paul@vix.com>
 2006-09-17 00:48:42 +00:00
Cy Schubert
b6bd339351 Cause the KDC to also listen on the loopback interface. This is useful 
for situations when the database is replicated to a secure environment
that does not have network access, by hand.
 2006-07-16 17:49:46 +00:00
Cy Schubert
1dd3375131 Fix plugin loader. This fixes krb5kdc and kdb5_util. 2006-07-16 16:15:08 +00:00
Cy Schubert
1a977f5454 Update 1.4.3 --> 1.5 2006-07-14 18:37:11 +00:00
Ade Lovett
8503536d38 Conversion to a single libtool environment. 
Approved by:	portmgr (kris)
 2006-02-23 10:40:44 +00:00
Cy Schubert
2a73db5a4a Improve runtime performance on Sparc 64 platform. 2005-11-25 19:40:48 +00:00
Cy Schubert
34e9c28ad3 Fix FreeBSD-4.11 build problem 
PR:		87888
 2005-11-08 18:51:23 +00:00
Cy Schubert
648578d925 Fix makeinfo problem under FreeBSD-6.0. 2005-11-01 04:01:11 +00:00
Cy Schubert
7d38b507de Update 1.4.1 --> 1.4.2 2005-10-04 22:09:08 +00:00
Cy Schubert
4871e2a3be Fix: 
- MIT KRB5 Security Advisory 2005-002: Buffer overflow, heap corruption in KDC

- MIT KRB5 Security Advisory 2005-003: Double free in krb5_recvauth
 2005-07-12 21:29:26 +00:00
Cy Schubert
3e28cf1baa Update 1.4 --> 1.4.1. 
Package list fixup when KRB5_KRB4_COMPAT is not specified.
 2005-04-23 01:49:07 +00:00
Cy Schubert
8c83b52bad Update 1.3.6 --> 1.4 2005-04-13 03:05:17 +00:00
Cy Schubert
9d07f2a70e Implement a fix for MITKRB5-SA-2005-001: buffer overflows in telnet client. 
Approved by:    portsmgr (krion)
Obtained from:  Tom Yu <tlyu@mit.edu> on kerberos-announce
 2005-03-31 18:46:44 +00:00
Cy Schubert
cba050d77c Update 1.3.4 --> 1.3.5 2004-10-20 20:20:06 +00:00
Cy Schubert
cc39dd6cdd Fix MIT krb5 Security Advisory 2004-002: double-free vulnerabilities 
in KDC and libraries

Heads-up by:	nectar
 2004-09-01 19:55:26 +00:00
Cy Schubert
e832541095 Fix MITKRB5-SA-2004-003: ASN.1 decoder denial-of-service. 
Heads-up by:	nectar
 2004-09-01 15:01:20 +00:00
Cy Schubert
80b9496636 Update KRB5 1.3.3 --> 1.3.4 2004-06-11 23:08:57 +00:00
Cy Schubert
632f3977c2 Updated patch for MITKRB5-SA-2004-001: krb5_aname_to_localname buffer overrun. 
Obtained from:	Tom Yu <tlyu@mit.edu> on BUGTRAQ
 2004-06-04 16:37:32 +00:00
Cy Schubert
fe903ca9af Fix MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname 
Obtained from:	Tom Yu <tlyu@MIT.EDU> on kerberos-announce list
 2004-06-02 19:08:34 +00:00
Cy Schubert
b134e90243 Change to src/include/netdb.h 1.31 caused a compile error. This 
commit fixes that error.

Reported by:	bento
 2004-01-25 22:08:27 +00:00
Cy Schubert
df1d57b040 1. Fix pkg-plist. 
2. Fix build on -STABLE.

PR:		57128
 2003-11-08 23:08:25 +00:00
Cy Schubert
615d60baa1 Patch to fix compiles under -STABLE (RELENG_4). 
PR:		56169
Submitted by:	Sergey Matveychuk <sem@ciam.ru>
 2003-09-10 00:00:42 +00:00
Cy Schubert
dc590a57d4 Update 1.2.8 --> 1.3 2003-08-08 01:20:18 +00:00
Cy Schubert
c5dd5e6d13 Put SONAME entries into shared libraries. 
Submitted by:	wollman
 2003-05-07 21:43:40 +00:00
Cy Schubert
b19f46658c Update 1.2.7 --> 1.2.8. 2003-05-07 03:47:49 +00:00
Cy Schubert
af7a454fd3 Patches from: 
- MITKRB5-SA-2003-005:
       Buffer overrun and underrun in principal name handling

  - MITKRB5-SA-2003-004:
       Cryptographic weaknesses in Kerberos v4 protocol; KDC and realm
       compromise possible.

  - MITKRB5-SA-2003-003:
       Faulty length checks in xdrmem_getbytes may allow kadmind DoS.

  - Additional patches from RedHat.

Approved by:	kris (wearing his portmgr hat)
Obtained from:	MIT Website and Nalin Dahyabhai <nalin@redhat.com>
 2003-03-21 00:54:06 +00:00
Cy Schubert
e781a319dc Update 1.2.6 --> 1.2.7 
Note:	Since crypto-publish.org does not yet have krb5-1.2.7 up on their
	website, fetch from their site has been temporarily disabled.
 2002-11-16 00:02:13 +00:00
Cy Schubert
cf7aca2a64 Fix buffer overflow in kadmind4 (remote user can gain root access to 
KDC host).

Obtained from:	Tom Yu <tlyu@mit.edu> on kerberos-announce mailing list,
		MIT krb5 Security Advisory 2002-002
 2002-10-23 22:30:39 +00:00
Cy Schubert
495424cc3f Update 1.2.5 --> 1.2.6 
Note:	Since crypto-publish.org does not yet have krb5-1.2.6 up on their
	website, fetch from their site has been temporarily disabled.
 2002-09-13 13:46:48 +00:00
Jacques Vidrine
20b7146972 Correct Sun RPC buffer overflow. 
<URL:http://online.securityfocus.com/archive/1/285308>
<URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823>
 2002-08-02 18:22:45 +00:00
Cy Schubert
60b5569db4 Fix problem with V4 keys. We should get KRB5_KDB_NO_MATCHING_KEY, not 
ENOENT.  Obtained from /cvs/krbdev/krb5/src/kdc/kdc_preauth.c,v rev 5.31
in MIT KRB5 tree (fix etype info; wrong termination condition used in
get_etype_info).

Obtained from:	Sam Hartman <hartmans@mit.edu>
 2002-06-26 04:49:07 +00:00
Cy Schubert
c0f94d44f3 Update 1.2.2 -> 1.2.3 2002-01-16 03:17:24 +00:00
Cy Schubert
6108625cb9 In order to make the MIT KRB5 port compatible with FreeBSD, the port 
now makes use of login.conf and login.access.  This is performed by
using FreeBSD login(1) instead of MIT KRB5 login.krb5(8).

The MIT KRB5 login.krb5(8) can still be used by specifying "-L" in
the klogind and telnetd arguments in inetd.conf.  This is documented
in a new file called README.FreeBSD.

Reviewed by:	nectar
 2002-01-08 15:05:08 +00:00
Jacques Vidrine
dd4cf80985 = Modify `ksu' so that it uses the login cap database. Michael Allman 
<msa@dinosauricon.com> provided the original patches.

= For users outside of the US, point to www.crypto-publish.org for the
  distfiles.  It was Chris Knight <chris@aims.com.au>'s idea.

Submitted by:	Cy.Schubert@uumail.gov.bc.ca (MAINTAINER)
PR:		ports/29865
 2001-09-07 19:53:09 +00:00