kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/security/mit-krb5
History
salo bb3e8f5e8d Security fixes for SA21402: 
"A security issue has been reported in Kerberos, which potentially can
 be exploited by malicious, local users to perform certain actions with
 escalated privileges.

 The security issue is caused due to missing checks for whether the
 "setuid()" call has succeeded in the bundled krshd and v4rcp
 applications. This can be exploited to disclose or manipulate the
 contents of arbitrary files or execute arbitrary code with root
 privileges if the "setuid()" call fails due to e.g. resource limits."

http://secunia.com/advisories/21402/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3084
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-001-setuid.txt

Bump PKGREVISION.
2006-08-09 17:31:10 +00:00
..
files Updated security/mit-krb5 to krb5-1.4. Changes from version 1.3.6 include: 2005-04-10 07:15:24 +00:00
patches Security fixes for SA21402: 2006-08-09 17:31:10 +00:00
buildlink3.mk Change the format of BUILDLINK_ORDER to contain depth information as well, 2006-07-08 23:10:35 +00:00
builtin.mk At least look for "Massachusetts Institute of Technology" as a crude 2006-04-10 18:05:16 +00:00
DESCR
distinfo Security fixes for SA21402: 2006-08-09 17:31:10 +00:00
Makefile Security fixes for SA21402: 2006-08-09 17:31:10 +00:00
PLIST * Nuke all references to and definitions of INFO_DIR in package Makefiles 2006-03-20 18:15:37 +00:00