kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
172567 commits 42 branches 80 tags 2.7 GiB
Commit graph

52 commits

Author SHA1 Message Date
Cy Schubert
99854179ca Update 1.5.1 --> 1.6 
Security:	MITKRB5-SA-2006-002,  MITKRB5-SA-2006-003, and
		US-CERT Technical Cyber Security Alert TA07-009B
 2007-01-10 05:06:45 +00:00
Cy Schubert
f647e41ca2 Update krb5-1.5 --> krb5-1.5.1 
Submitted by:	Paul Vixie <paul@vix.com>
 2006-09-17 00:48:42 +00:00
Cy Schubert
b6bd339351 Cause the KDC to also listen on the loopback interface. This is useful 
for situations when the database is replicated to a secure environment
that does not have network access, by hand.
 2006-07-16 17:49:46 +00:00
Cy Schubert
1dd3375131 Fix plugin loader. This fixes krb5kdc and kdb5_util. 2006-07-16 16:15:08 +00:00
Cy Schubert
1a977f5454 Update 1.4.3 --> 1.5 2006-07-14 18:37:11 +00:00
Ade Lovett
8503536d38 Conversion to a single libtool environment. 
Approved by:	portmgr (kris)
 2006-02-23 10:40:44 +00:00
Cy Schubert
2a73db5a4a Improve runtime performance on Sparc 64 platform. 2005-11-25 19:40:48 +00:00
Cy Schubert
34e9c28ad3 Fix FreeBSD-4.11 build problem 
PR:		87888
 2005-11-08 18:51:23 +00:00
Cy Schubert
648578d925 Fix makeinfo problem under FreeBSD-6.0. 2005-11-01 04:01:11 +00:00
Cy Schubert
7d38b507de Update 1.4.1 --> 1.4.2 2005-10-04 22:09:08 +00:00
Cy Schubert
4871e2a3be Fix: 
- MIT KRB5 Security Advisory 2005-002: Buffer overflow, heap corruption in KDC

- MIT KRB5 Security Advisory 2005-003: Double free in krb5_recvauth
 2005-07-12 21:29:26 +00:00
Cy Schubert
3e28cf1baa Update 1.4 --> 1.4.1. 
Package list fixup when KRB5_KRB4_COMPAT is not specified.
 2005-04-23 01:49:07 +00:00
Cy Schubert
8c83b52bad Update 1.3.6 --> 1.4 2005-04-13 03:05:17 +00:00
Cy Schubert
9d07f2a70e Implement a fix for MITKRB5-SA-2005-001: buffer overflows in telnet client. 
Approved by:    portsmgr (krion)
Obtained from:  Tom Yu <tlyu@mit.edu> on kerberos-announce
 2005-03-31 18:46:44 +00:00
Cy Schubert
cba050d77c Update 1.3.4 --> 1.3.5 2004-10-20 20:20:06 +00:00
Cy Schubert
cc39dd6cdd Fix MIT krb5 Security Advisory 2004-002: double-free vulnerabilities 
in KDC and libraries

Heads-up by:	nectar
 2004-09-01 19:55:26 +00:00
Cy Schubert
e832541095 Fix MITKRB5-SA-2004-003: ASN.1 decoder denial-of-service. 
Heads-up by:	nectar
 2004-09-01 15:01:20 +00:00
Cy Schubert
80b9496636 Update KRB5 1.3.3 --> 1.3.4 2004-06-11 23:08:57 +00:00
Cy Schubert
632f3977c2 Updated patch for MITKRB5-SA-2004-001: krb5_aname_to_localname buffer overrun. 
Obtained from:	Tom Yu <tlyu@mit.edu> on BUGTRAQ
 2004-06-04 16:37:32 +00:00
Cy Schubert
fe903ca9af Fix MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname 
Obtained from:	Tom Yu <tlyu@MIT.EDU> on kerberos-announce list
 2004-06-02 19:08:34 +00:00
Cy Schubert
b134e90243 Change to src/include/netdb.h 1.31 caused a compile error. This 
commit fixes that error.

Reported by:	bento
 2004-01-25 22:08:27 +00:00
Cy Schubert
df1d57b040 1. Fix pkg-plist. 
2. Fix build on -STABLE.

PR:		57128
 2003-11-08 23:08:25 +00:00
Cy Schubert
615d60baa1 Patch to fix compiles under -STABLE (RELENG_4). 
PR:		56169
Submitted by:	Sergey Matveychuk <sem@ciam.ru>
 2003-09-10 00:00:42 +00:00
Cy Schubert
dc590a57d4 Update 1.2.8 --> 1.3 2003-08-08 01:20:18 +00:00
Cy Schubert
c5dd5e6d13 Put SONAME entries into shared libraries. 
Submitted by:	wollman
 2003-05-07 21:43:40 +00:00
Cy Schubert
b19f46658c Update 1.2.7 --> 1.2.8. 2003-05-07 03:47:49 +00:00
Cy Schubert
af7a454fd3 Patches from: 
- MITKRB5-SA-2003-005:
       Buffer overrun and underrun in principal name handling

  - MITKRB5-SA-2003-004:
       Cryptographic weaknesses in Kerberos v4 protocol; KDC and realm
       compromise possible.

  - MITKRB5-SA-2003-003:
       Faulty length checks in xdrmem_getbytes may allow kadmind DoS.

  - Additional patches from RedHat.

Approved by:	kris (wearing his portmgr hat)
Obtained from:	MIT Website and Nalin Dahyabhai <nalin@redhat.com>
 2003-03-21 00:54:06 +00:00
Cy Schubert
e781a319dc Update 1.2.6 --> 1.2.7 
Note:	Since crypto-publish.org does not yet have krb5-1.2.7 up on their
	website, fetch from their site has been temporarily disabled.
 2002-11-16 00:02:13 +00:00
Cy Schubert
cf7aca2a64 Fix buffer overflow in kadmind4 (remote user can gain root access to 
KDC host).

Obtained from:	Tom Yu <tlyu@mit.edu> on kerberos-announce mailing list,
		MIT krb5 Security Advisory 2002-002
 2002-10-23 22:30:39 +00:00
Cy Schubert
495424cc3f Update 1.2.5 --> 1.2.6 
Note:	Since crypto-publish.org does not yet have krb5-1.2.6 up on their
	website, fetch from their site has been temporarily disabled.
 2002-09-13 13:46:48 +00:00
Jacques Vidrine
20b7146972 Correct Sun RPC buffer overflow. 
<URL:http://online.securityfocus.com/archive/1/285308>
<URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823>
 2002-08-02 18:22:45 +00:00
Cy Schubert
60b5569db4 Fix problem with V4 keys. We should get KRB5_KDB_NO_MATCHING_KEY, not 
ENOENT.  Obtained from /cvs/krbdev/krb5/src/kdc/kdc_preauth.c,v rev 5.31
in MIT KRB5 tree (fix etype info; wrong termination condition used in
get_etype_info).

Obtained from:	Sam Hartman <hartmans@mit.edu>
 2002-06-26 04:49:07 +00:00
Cy Schubert
c0f94d44f3 Update 1.2.2 -> 1.2.3 2002-01-16 03:17:24 +00:00
Cy Schubert
6108625cb9 In order to make the MIT KRB5 port compatible with FreeBSD, the port 
now makes use of login.conf and login.access.  This is performed by
using FreeBSD login(1) instead of MIT KRB5 login.krb5(8).

The MIT KRB5 login.krb5(8) can still be used by specifying "-L" in
the klogind and telnetd arguments in inetd.conf.  This is documented
in a new file called README.FreeBSD.

Reviewed by:	nectar
 2002-01-08 15:05:08 +00:00
Jacques Vidrine
dd4cf80985 = Modify `ksu' so that it uses the login cap database. Michael Allman 
<msa@dinosauricon.com> provided the original patches.

= For users outside of the US, point to www.crypto-publish.org for the
  distfiles.  It was Chris Knight <chris@aims.com.au>'s idea.

Submitted by:	Cy.Schubert@uumail.gov.bc.ca (MAINTAINER)
PR:		ports/29865
 2001-09-07 19:53:09 +00:00
Jacques Vidrine
818599d4d6 Update telnetd vulnerability fixes from FreeBSD. 
Submitted by:	Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
 2001-07-24 16:47:04 +00:00
Jacques Vidrine
8ab8ce5e6e Update telnetd vulnerability fixes from FreeBSD. 
Submitted by:	Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
 2001-07-24 15:28:25 +00:00
Jacques Vidrine
7749fc1146 Merge telnetd vulnerability fix from FreeBSD. 
Submitted by:	Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
 2001-07-20 16:53:32 +00:00
Jacques Vidrine
9168f72db8 Security fix: 
``Buffer overflows exist in the FTP daemon included with MIT krb5.''
  See <URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf.txt> and
  <URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf_122_patch.txt>.

Obtained from:  MIT Kerberos mailing list
 2001-04-27 18:15:34 +00:00
Jacques Vidrine
3f37ef937e Security fix: 
``Buffer overflows exist in the FTP daemon included with MIT krb5.''
See <URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf.txt> and
<URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf_122_patch.txt>.

Obtained from:	MIT Kerberos mailing list
 2001-04-27 18:15:00 +00:00
Jacques Vidrine
ddfc9c62a8 Update 1.2.1 -> 1.2.2 2001-03-02 17:33:57 +00:00
Jacques Vidrine
a865f0187c kshd has /etc/nologin hardcoded instead of using _PATH_NOLOGIN 
from <paths.h> (if available) like login.krb5 does.   As a result,
on FreeBSD 4.2 these two programs end up using different paths
for the nologin file (which is /var/run/nologin on FreeBSD).

Submitted by:	<djm@test.pubnix.com>
 2001-01-09 16:25:22 +00:00
Jacques Vidrine
071860d8ce Update 1.1.1 -> 1.2 2000-06-24 01:48:11 +00:00
Jacques Vidrine
001fea0ac5 Update 1.1 -> 1.1.1 2000-01-16 19:10:58 +00:00
Jacques Vidrine
f91c2d7892 Fix for abort in login.krb5 (segment violation when trying to get a 
TGT).

Obtained from:		MIT Kerberos GNATS PR krb5-appl/762, 763
 1999-10-13 18:43:59 +00:00
Jacques Vidrine
5f0c4b6514 Update 1.0.6 -> 1.1 1999-10-04 14:32:28 +00:00
Jacques Vidrine
b17353afd8 Update 1.0.5 -> 1.0.6 1999-05-27 02:08:26 +00:00
Jacques Vidrine
e5ee607b5d Teach krlogind, telnetd, et. al. about FreeBSD's available ptys. 
In other words,
  /dev/pty[p-zP-T][0-9a-f] -> /dev/pty[p-sP-S][0-9a-v]

Submitted by:	John Polstra <jdp@polstra.com>
 1999-04-05 23:36:46 +00:00
Steve Price
769a61ee49 Make this work with current's new version of texinfo. 
PR:		9587
Submitted by:	Sheldon Hearn <axl@iafrica.com>
 1999-01-26 01:45:28 +00:00
Dima Ruban
2bb6d97578 Use more sane CMD_PATH. 1998-08-03 06:33:07 +00:00