pkgsrc-Changes archive


CVS commit: pkgsrc/security/kth-krb4



Module Name:    pkgsrc
Committed By:   marino
Date:           Mon Nov 28 19:33:13 UTC 2011

Modified Files:
        pkgsrc/security/kth-krb4: Makefile PLIST distinfo
        pkgsrc/security/kth-krb4/patches: patch-aa
Added Files:
        pkgsrc/security/kth-krb4/patches: patch-appl_ftp_ftpd_ftpcmd.y
            patch-appl_ftp_ftpd_pathnames.h patch-lib_kadm_kadm_cli_wrap.c
            patch-lib_krb_krb-protos.h patch-lib_krb_krb_check_auth.c
            patch-lib_krb_mk_priv.c patch-lib_krb_rd_priv.c
            patch-lib_krb_recvauth.c patch-lib_krb_sendauth.c
            patch-lib_krb_solaris_compat.c

Log Message:
security/kth-krb4: Add DragonFly and FreeBSD support

The majority of these patches were inspired by FreeBSD's ports.  FreeBSD,
along with at least Debian, has removed Kerberos4 due to security concerns.
From: http://web.mit.edu/kerberos/krb4-end-of-life.html :

"Serious protocol flaws[2] have been found in Kerberos 4. These flaws permit
attacks which require far less effort than an exhaustive search of the DES
key space. These flaws make Kerberos 4 cross-realm authentication an
unacceptable security risk and raise serious questions about the security of
the entire Kerberos 4 protocol.

The known insecurity of DES, combined with the recently discovered protocol
flaws, make it extremely inadvisable to rely on the security of version 4 of
the Kerberos protocol. These factors motivate the MIT Kerberos Team to remove
support for Kerberos version 4 from the MIT implementation of Kerberos."

This end-of-life announcement is dated 19 October 2006.  I think it's a
good question to ask why this package and the packages that depend on it
are still in pkgsrc.


To generate a diff of this commit:
cvs rdiff -u -r1.53 -r1.54 pkgsrc/security/kth-krb4/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/security/kth-krb4/PLIST
cvs rdiff -u -r1.13 -r1.14 pkgsrc/security/kth-krb4/distinfo
cvs rdiff -u -r1.6 -r1.7 pkgsrc/security/kth-krb4/patches/patch-aa
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/security/kth-krb4/patches/patch-appl_ftp_ftpd_ftpcmd.y \
    pkgsrc/security/kth-krb4/patches/patch-appl_ftp_ftpd_pathnames.h \
    pkgsrc/security/kth-krb4/patches/patch-lib_kadm_kadm_cli_wrap.c \
    pkgsrc/security/kth-krb4/patches/patch-lib_krb_krb-protos.h \
    pkgsrc/security/kth-krb4/patches/patch-lib_krb_krb_check_auth.c \
    pkgsrc/security/kth-krb4/patches/patch-lib_krb_mk_priv.c \
    pkgsrc/security/kth-krb4/patches/patch-lib_krb_rd_priv.c \
    pkgsrc/security/kth-krb4/patches/patch-lib_krb_recvauth.c \
    pkgsrc/security/kth-krb4/patches/patch-lib_krb_sendauth.c \
    pkgsrc/security/kth-krb4/patches/patch-lib_krb_solaris_compat.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



