kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
123923 commits 42 branches 80 tags 2.7 GiB
Commit graph

40 commits

Author SHA1 Message Date
Cy Schubert
8c83b52bad Update 1.3.6 --> 1.4 2005-04-13 03:05:17 +00:00
Cy Schubert
9d07f2a70e Implement a fix for MITKRB5-SA-2005-001: buffer overflows in telnet client. 
Approved by:    portsmgr (krion)
Obtained from:  Tom Yu <tlyu@mit.edu> on kerberos-announce
 2005-03-31 18:46:44 +00:00
Cy Schubert
cba050d77c Update 1.3.4 --> 1.3.5 2004-10-20 20:20:06 +00:00
Cy Schubert
cc39dd6cdd Fix MIT krb5 Security Advisory 2004-002: double-free vulnerabilities 
in KDC and libraries

Heads-up by:	nectar
 2004-09-01 19:55:26 +00:00
Cy Schubert
e832541095 Fix MITKRB5-SA-2004-003: ASN.1 decoder denial-of-service. 
Heads-up by:	nectar
 2004-09-01 15:01:20 +00:00
Cy Schubert
80b9496636 Update KRB5 1.3.3 --> 1.3.4 2004-06-11 23:08:57 +00:00
Cy Schubert
632f3977c2 Updated patch for MITKRB5-SA-2004-001: krb5_aname_to_localname buffer overrun. 
Obtained from:	Tom Yu <tlyu@mit.edu> on BUGTRAQ
 2004-06-04 16:37:32 +00:00
Cy Schubert
fe903ca9af Fix MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname 
Obtained from:	Tom Yu <tlyu@MIT.EDU> on kerberos-announce list
 2004-06-02 19:08:34 +00:00
Cy Schubert
b134e90243 Change to src/include/netdb.h 1.31 caused a compile error. This 
commit fixes that error.

Reported by:	bento
 2004-01-25 22:08:27 +00:00
Cy Schubert
df1d57b040 1. Fix pkg-plist. 
2. Fix build on -STABLE.

PR:		57128
 2003-11-08 23:08:25 +00:00
Cy Schubert
615d60baa1 Patch to fix compiles under -STABLE (RELENG_4). 
PR:		56169
Submitted by:	Sergey Matveychuk <sem@ciam.ru>
 2003-09-10 00:00:42 +00:00
Cy Schubert
dc590a57d4 Update 1.2.8 --> 1.3 2003-08-08 01:20:18 +00:00
Cy Schubert
c5dd5e6d13 Put SONAME entries into shared libraries. 
Submitted by:	wollman
 2003-05-07 21:43:40 +00:00
Cy Schubert
b19f46658c Update 1.2.7 --> 1.2.8. 2003-05-07 03:47:49 +00:00
Cy Schubert
af7a454fd3 Patches from: 
- MITKRB5-SA-2003-005:
       Buffer overrun and underrun in principal name handling

  - MITKRB5-SA-2003-004:
       Cryptographic weaknesses in Kerberos v4 protocol; KDC and realm
       compromise possible.

  - MITKRB5-SA-2003-003:
       Faulty length checks in xdrmem_getbytes may allow kadmind DoS.

  - Additional patches from RedHat.

Approved by:	kris (wearing his portmgr hat)
Obtained from:	MIT Website and Nalin Dahyabhai <nalin@redhat.com>
 2003-03-21 00:54:06 +00:00
Cy Schubert
e781a319dc Update 1.2.6 --> 1.2.7 
Note:	Since crypto-publish.org does not yet have krb5-1.2.7 up on their
	website, fetch from their site has been temporarily disabled.
 2002-11-16 00:02:13 +00:00
Cy Schubert
cf7aca2a64 Fix buffer overflow in kadmind4 (remote user can gain root access to 
KDC host).

Obtained from:	Tom Yu <tlyu@mit.edu> on kerberos-announce mailing list,
		MIT krb5 Security Advisory 2002-002
 2002-10-23 22:30:39 +00:00
Cy Schubert
495424cc3f Update 1.2.5 --> 1.2.6 
Note:	Since crypto-publish.org does not yet have krb5-1.2.6 up on their
	website, fetch from their site has been temporarily disabled.
 2002-09-13 13:46:48 +00:00
Jacques Vidrine
20b7146972 Correct Sun RPC buffer overflow. 
<URL:http://online.securityfocus.com/archive/1/285308>
<URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823>
 2002-08-02 18:22:45 +00:00
Cy Schubert
60b5569db4 Fix problem with V4 keys. We should get KRB5_KDB_NO_MATCHING_KEY, not 
ENOENT.  Obtained from /cvs/krbdev/krb5/src/kdc/kdc_preauth.c,v rev 5.31
in MIT KRB5 tree (fix etype info; wrong termination condition used in
get_etype_info).

Obtained from:	Sam Hartman <hartmans@mit.edu>
 2002-06-26 04:49:07 +00:00
Cy Schubert
c0f94d44f3 Update 1.2.2 -> 1.2.3 2002-01-16 03:17:24 +00:00
Cy Schubert
6108625cb9 In order to make the MIT KRB5 port compatible with FreeBSD, the port 
now makes use of login.conf and login.access.  This is performed by
using FreeBSD login(1) instead of MIT KRB5 login.krb5(8).

The MIT KRB5 login.krb5(8) can still be used by specifying "-L" in
the klogind and telnetd arguments in inetd.conf.  This is documented
in a new file called README.FreeBSD.

Reviewed by:	nectar
 2002-01-08 15:05:08 +00:00
Jacques Vidrine
dd4cf80985 = Modify `ksu' so that it uses the login cap database. Michael Allman 
<msa@dinosauricon.com> provided the original patches.

= For users outside of the US, point to www.crypto-publish.org for the
  distfiles.  It was Chris Knight <chris@aims.com.au>'s idea.

Submitted by:	Cy.Schubert@uumail.gov.bc.ca (MAINTAINER)
PR:		ports/29865
 2001-09-07 19:53:09 +00:00
Jacques Vidrine
818599d4d6 Update telnetd vulnerability fixes from FreeBSD. 
Submitted by:	Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
 2001-07-24 16:47:04 +00:00
Jacques Vidrine
8ab8ce5e6e Update telnetd vulnerability fixes from FreeBSD. 
Submitted by:	Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
 2001-07-24 15:28:25 +00:00
Jacques Vidrine
7749fc1146 Merge telnetd vulnerability fix from FreeBSD. 
Submitted by:	Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
 2001-07-20 16:53:32 +00:00
Jacques Vidrine
9168f72db8 Security fix: 
``Buffer overflows exist in the FTP daemon included with MIT krb5.''
  See <URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf.txt> and
  <URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf_122_patch.txt>.

Obtained from:  MIT Kerberos mailing list
 2001-04-27 18:15:34 +00:00
Jacques Vidrine
3f37ef937e Security fix: 
``Buffer overflows exist in the FTP daemon included with MIT krb5.''
See <URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf.txt> and
<URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf_122_patch.txt>.

Obtained from:	MIT Kerberos mailing list
 2001-04-27 18:15:00 +00:00
Jacques Vidrine
ddfc9c62a8 Update 1.2.1 -> 1.2.2 2001-03-02 17:33:57 +00:00
Jacques Vidrine
a865f0187c kshd has /etc/nologin hardcoded instead of using _PATH_NOLOGIN 
from <paths.h> (if available) like login.krb5 does.   As a result,
on FreeBSD 4.2 these two programs end up using different paths
for the nologin file (which is /var/run/nologin on FreeBSD).

Submitted by:	<djm@test.pubnix.com>
 2001-01-09 16:25:22 +00:00
Jacques Vidrine
071860d8ce Update 1.1.1 -> 1.2 2000-06-24 01:48:11 +00:00
Jacques Vidrine
001fea0ac5 Update 1.1 -> 1.1.1 2000-01-16 19:10:58 +00:00
Jacques Vidrine
f91c2d7892 Fix for abort in login.krb5 (segment violation when trying to get a 
TGT).

Obtained from:		MIT Kerberos GNATS PR krb5-appl/762, 763
 1999-10-13 18:43:59 +00:00
Jacques Vidrine
5f0c4b6514 Update 1.0.6 -> 1.1 1999-10-04 14:32:28 +00:00
Jacques Vidrine
b17353afd8 Update 1.0.5 -> 1.0.6 1999-05-27 02:08:26 +00:00
Jacques Vidrine
e5ee607b5d Teach krlogind, telnetd, et. al. about FreeBSD's available ptys. 
In other words,
  /dev/pty[p-zP-T][0-9a-f] -> /dev/pty[p-sP-S][0-9a-v]

Submitted by:	John Polstra <jdp@polstra.com>
 1999-04-05 23:36:46 +00:00
Steve Price
769a61ee49 Make this work with current's new version of texinfo. 
PR:		9587
Submitted by:	Sheldon Hearn <axl@iafrica.com>
 1999-01-26 01:45:28 +00:00
Dima Ruban
2bb6d97578 Use more sane CMD_PATH. 1998-08-03 06:33:07 +00:00
Jacques Vidrine
6b7ea58f15 Additional patches (already committed to krb5-current): 
* Paths corrected in applications
* ftpd now logs to facility LOG_FTP
* use openpty to obtain pseudo-terminal
* corrected detection of TCL libraries
* fix a forwarding bug
* add -m flag to ksu (preserve USER, HOME, SHELL)
* cosmetic bug fix to telnet.c
Submitted by:	Dima Ruban <dima@best.net>
 1998-07-06 18:59:06 +00:00
Jacques Vidrine
7a09e241f4 New port, KerberosV 1.0.5. 
PR:		ports/6870
Submitted by:	Jacques Vidrine <n@nectar.com>
 1998-07-06 02:28:42 +00:00