Date: Wed, 1 Dec 2010 16:01:41 -0500 (EST) From: Garrett Wollman <wollman@csail.mit.edu> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/152755: security update for security/krb5 Message-ID: <201012012101.oB1L1fwx065892@watchdog.csail.mit.edu> Resent-Message-ID: <201012012140.oB1Le9Sl083713@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 152755 >Category: ports >Synopsis: security update for security/krb5 >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Wed Dec 01 21:40:09 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Garrett Wollman >Release: FreeBSD 7.3-RELEASE i386 >Organization: MIT Computer Science & Artificial Intelligence Lab >Environment: System: FreeBSD watchdog.csail.mit.edu 7.3-RELEASE FreeBSD 7.3-RELEASE #9: Tue May 4 14:17:37 EDT 2010 root@watchdog.csail.mit.edu:/usr/obj/usr/src/sys/WATCHDOG i386 >Description: In the month of November, MIT released two security advisories for the MIT Kerberos implementation. These address vulnerabilities CVE-2010-1324, CVE-2010-1323, CVE-2010-4020, CVE-2010-4021, and CVE-2010-1322. >How-To-Repeat: Visit http://web.mit.edu/kerberos/advisories/. >Fix: Index: Makefile =================================================================== RCS file: /home/ncvs/ports/security/krb5/Makefile,v retrieving revision 1.141 diff -u -r1.141 Makefile --- Makefile 4 Nov 2010 04:37:36 -0000 1.141 +++ Makefile 1 Dec 2010 20:38:19 -0000 @@ -7,12 +7,13 @@ PORTNAME= krb5 PORTVERSION= 1.8.3 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MASTER_SITES= http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/ PATCH_SITES= http://web.mit.edu/kerberos/advisories/ DISTNAME= ${PORTNAME}-${PORTVERSION}-signed EXTRACT_SUFX= .tar +PATCHFILES= 2010-006-patch.txt 2010-007-patch.txt MAINTAINER= cy@FreeBSD.org COMMENT= An authentication system developed at MIT, successor to Kerberos IV @@ -33,6 +34,7 @@ CONFIGURE_ENV= INSTALL="${INSTALL}" YACC=/usr/bin/yacc \ CFLAGS="${CFLAGS}" MAKE_ARGS= INSTALL="${INSTALL}" +PATCH_DIST_STRIP= -p2 OPTIONS= KRB5_DOC "Build and install krb5 documentation" on \ WANT_HTML "Want HTML documentation too" on \ Index: distinfo =================================================================== RCS file: /home/ncvs/ports/security/krb5/distinfo,v retrieving revision 1.42 diff -u -r1.42 distinfo --- distinfo 5 Aug 2010 22:37:11 -0000 1.42 +++ distinfo 1 Dec 2010 20:27:36 -0000 @@ -1,3 +1,6 @@ -MD5 (krb5-1.8.3-signed.tar) = 7c5f38e31ee744cb538eed2301096b93 SHA256 (krb5-1.8.3-signed.tar) = 2c5988ddd8b409134cd0e77e9ce8f762605ce8d8fb0aa22f6500f53381567019 SIZE (krb5-1.8.3-signed.tar) = 11642880 +SHA256 (2010-006-patch.txt) = 7d9fbfffdaa0cde0ca499ccbb2cf09a6c7253e537755bbf6da9e08715fd9a474 +SIZE (2010-006-patch.txt) = 1066 +SHA256 (2010-007-patch.txt) = ec08fca9738b5fae619154379ae0158531cb630b6f25551c14d87313c2d2a5f0 +SIZE (2010-007-patch.txt) = 7908 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201012012101.oB1L1fwx065892>