Subject: PR/33656 CVS commit: [pkgsrc-2006Q2] pkgsrc/security/heimdal
To: None <lha@NetBSD.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org,>
From: Geert Hendrickx <ghen@netbsd.org>
List: pkgsrc-bugs
Date: 08/10/2006 07:15:05
The following reply was made to PR pkg/33656; it has been noted by GNATS.
From: Geert Hendrickx <ghen@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: PR/33656 CVS commit: [pkgsrc-2006Q2] pkgsrc/security/heimdal
Date: Thu, 10 Aug 2006 07:14:03 +0000 (UTC)
Module Name: pkgsrc
Committed By: ghen
Date: Thu Aug 10 07:14:03 UTC 2006
Modified Files:
pkgsrc/security/heimdal [pkgsrc-2006Q2]: Makefile PLIST distinfo
Added Files:
pkgsrc/security/heimdal/patches [pkgsrc-2006Q2]: patch-al patch-am
patch-an patch-ao patch-ap patch-aq
Removed Files:
pkgsrc/security/heimdal [pkgsrc-2006Q2]: PLIST.Linux
Log Message:
Pullup ticket 1784 - requested by salo
security fix for heimdal
Revisions pulled up:
- pkgsrc/security/heimdal/Makefile 1.60-1.62
- pkgsrc/security/heimdal/distinfo 1.20-1.21
- pkgsrc/security/heimdal/PLIST 1.11
- pkgsrc/security/heimdal/PLIST.Linux removed
- pkgsrc/security/heimdal/patches/patch-al 1.1
- pkgsrc/security/heimdal/patches/patch-am 1.1
- pkgsrc/security/heimdal/patches/patch-an 1.1
- pkgsrc/security/heimdal/patches/patch-ao 1.1
- pkgsrc/security/heimdal/patches/patch-ap 1.1
- pkgsrc/security/heimdal/patches/patch-aq 1.1
Module Name: pkgsrc
Committed By: markd
Date: Sun Jul 2 13:53:28 UTC 2006
Modified Files:
pkgsrc/security/heimdal: Makefile
Added Files:
pkgsrc/security/heimdal: PLIST.SunOS
Log Message:
Solaris does not have err.h, glob.h, ifaddrs.h and vis.h compatible with
heimdal, so heimdal installs its own. Add them in PLIST.SunOS
Fixes PR pkg/33656. Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: jlam
Date: Wed Jul 5 04:39:15 UTC 2006
Modified Files:
pkgsrc/security/heimdal: Makefile PLIST distinfo
Added Files:
pkgsrc/security/heimdal/patches: patch-al
Removed Files:
pkgsrc/security/heimdal: PLIST.Linux PLIST.SunOS
Log Message:
Back out previous and do the same thing more generally for all platforms.
Since the heimdal install process will install additional headers in
${PREFIX}/include/krb5 depending on what the configure process detects,
simply query the source Makefile at install-time for the extra headers
that it will install and dynamically add them to the PLIST.
---
Module Name: pkgsrc
Committed By: salo
Date: Wed Aug 9 17:58:09 UTC 2006
Modified Files:
pkgsrc/security/heimdal: Makefile distinfo
Added Files:
pkgsrc/security/heimdal/patches: patch-am patch-an patch-ao patch-ap
patch-aq
Log Message:
Security fix for SA21436:
"A security issue has been reported in Heimdal, which potentially can be
exploited by malicious, local users to perform certain actions with
escalated privileges.
The security issue is caused due to missing checks for whether the
"setuid()" call has succeeded in the bundled rcp application. This may
be exploited to perform certain actions with root privileges if the
"setuid()" call fails due to e.g. resource limits."
http://secunia.com/advisories/21436/
http://www.pdc.kth.se/heimdal/advisory/2006-08-08/
Bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -r1.59 -r1.59.2.1 pkgsrc/security/heimdal/Makefile
cvs rdiff -r1.10 -r1.10.2.1 pkgsrc/security/heimdal/PLIST
cvs rdiff -r1.1 -r0 pkgsrc/security/heimdal/PLIST.Linux
cvs rdiff -r1.19 -r1.19.4.1 pkgsrc/security/heimdal/distinfo
cvs rdiff -r0 -r1.1.2.1 pkgsrc/security/heimdal/patches/patch-al \
pkgsrc/security/heimdal/patches/patch-am \
pkgsrc/security/heimdal/patches/patch-an \
pkgsrc/security/heimdal/patches/patch-ao \
pkgsrc/security/heimdal/patches/patch-ap \
pkgsrc/security/heimdal/patches/patch-aq
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.