- move (copy) krb5 (krb5 1.13.2) to krb5-113 (new, added)
- update krb5 1.13.2 --> 1.14
- update CONFLICTS in krb5, krb5-112 and krb5-113.
- update krb5-appl to allow optional dependency on krb5-113.
- update security/Makefile with copied krb5-113.
- deprecate and expire krb5-112 (krb5-1.12) on November 20, 2016, as it
will EOL twelve months after the release of krb5-1.14.
workaround due to libtool not working with 11-CURRENT at the time.
The workaround now causes grief under 11-CURRENT and needs to be
removed.
PR: 202782
- Add --localstatedir=/var to _LATE_CONFIGURE_ARGS (like --mandir) but not
when CONFIGURE_ARGS already sets it. (GNU configure scripts set it to
PREFIX/var when PREFIX != /usr.)
- Add --localstatedir="${PREFIX}/var" to CONFIGURE_ARGS in some ports so
they aren't affected by this change (for now at least). This commit is
meant to ensure that new ports don't make the same mistake.
- games/acm: the configure script in this port is very old; instead of
patching it more, just replace GNU_CONFIGURE with HAS_CONFIGURE.
- irc/charybdis: it already used /var but adding --localstatedir=/var
changed the behaviour of the configure script; adjust the port to this.
PR: 199506
Exp-run by: antoine
Approved by: portmgr (antoine)
- Libraries are not installed stripped;
- pkgconfig files should be installed to libdata;
- Use of deprecated @dirrm[try]
PR: PR/197338
Submitted by: delphij
1.11 remains a maintenance release.
- Update security/krb5 1.12.2 --> 1.13
- Copy the old security/krb5 1.12.2 to security/krb5-112
(now a maintenance release supported by MIT)
- Move the old krb5-maint (1.11.5: old maintenance release) to
security/krb5-111 (the old maintenance release still supported by MIT)
Adjust the newly created krb5-maint with a new portname and conflicts.
Krb5-maint is a maintenance release for those who wish to use the previous
release of krb5. krb5-maint remains at 1.11.3.
Adjust CONFLICTS in security/heimdal and security/srp to account for the
newly repocopied krb5-maint.
Adjust security/Makefile to include krb5-maint.
This is a bugfix release.
* Fix a UDP ping-pong vulnerability in the kpasswd (password changing)
service. [CVE-2002-2443]
* Improve interoperability with some Windows native PKINIT clients.
Security: CVE-2002-2443
Major changes in 1.11.2 (2013-04-12)
====================================
This is a bugfix release.
* Incremental propagation could erroneously act as if a slave's
database were current after the slave received a full dump that
failed to load.
* gss_import_sec_context incorrectly set internal state that
identifies whether an imported context is from an interposer
mechanism or from the underlying mechanism.
Feature safe: yes
dependency. Yet this triggers autodetection code in bsd.openssl.mk and
OpenSSL dependency is registered with the resulting package, creating a
discord between INDEX and actual package. Work around by explicitly recording
the dependency in a way that INDEX build will see.
OK'ed by: cy (maintainer)
Feature safe: yes
