e9a9cefac0
This is primarily a bugfix release. Fix vulnerabilities: * KDC uninitialized pointer crash [MITKRB5-SA-2010-006 CVE-2010-1322] * kpropd denial of service [MITKRB5-SA-2011-001 CVE-2010-4022] * KDC denial of service attacks [MITKRB5-SA-2011-002 CVE-2011-0281 CVE-2011-0282 CVE-2011-0283] * KDC double-free when PKINIT enabled [MITKRB5-SA-2011-003 CVE-2011-0284] * kadmind frees invalid pointer [MITKRB5-SA-2011-004 CVE-2011-0285] Interoperability: * Correctly encrypt GSSAPI forwarded credentials using the session key, not a subkey. * Set NT-SRV-INST on TGS principal names as expected by some Windows Server Domain Controllers. * Don't reject AP-REQ messages if their PAC doesn't validate; suppress the PAC instead. * Correctly validate HMAC-MD5 checksums that use DES keys
13 lines
364 B
Makefile
13 lines
364 B
Makefile
# $NetBSD: buildlink3.mk,v 1.12 2011/07/08 09:59:28 adam Exp $
|
|
|
|
BUILDLINK_TREE+= mit-krb5
|
|
|
|
.if !defined(MIT_KRB5_BUILDLINK3_MK)
|
|
MIT_KRB5_BUILDLINK3_MK:=
|
|
|
|
BUILDLINK_API_DEPENDS.mit-krb5+= mit-krb5>=1.8
|
|
BUILDLINK_ABI_DEPENDS.mit-krb5+= mit-krb5>=1.8
|
|
BUILDLINK_PKGSRCDIR.mit-krb5?= ../../security/mit-krb5
|
|
.endif # MIT_KRB5_BUILDLINK3_MK
|
|
|
|
BUILDLINK_TREE+= -mit-krb5
|