Subject: PR/34252 CVS commit: [pkgsrc-2006Q4] pkgsrc/security/mit-krb5
To: None <salo@NetBSD.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org,>
From: Geert Hendrickx <ghen@netbsd.org>
List: pkgsrc-bugs
Date: 02/18/2007 12:05:02
The following reply was made to PR pkg/34252; it has been noted by GNATS.
From: Geert Hendrickx <ghen@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: PR/34252 CVS commit: [pkgsrc-2006Q4] pkgsrc/security/mit-krb5
Date: Sun, 18 Feb 2007 12:01:12 +0000 (UTC)
Module Name: pkgsrc
Committed By: ghen
Date: Sun Feb 18 12:01:12 UTC 2007
Modified Files:
pkgsrc/security/mit-krb5 [pkgsrc-2006Q4]: Makefile distinfo
Added Files:
pkgsrc/security/mit-krb5/patches [pkgsrc-2006Q4]: patch-at
Log Message:
Pullup ticket 2021 - requested by salo
security fix for mit-krb5
- pkgsrc/security/mit-krb5/Makefile 1.39-1.40
- pkgsrc/security/mit-krb5/distinfo 1.16
- pkgsrc/security/mit-krb5/patches/patch-at 1.1
Module Name: pkgsrc
Committed By: salo
Date: Wed Jan 17 23:43:47 UTC 2007
Modified Files:
pkgsrc/security/mit-krb5: Makefile distinfo
Added Files:
pkgsrc/security/mit-krb5/patches: patch-at
Log Message:
Security fix for CVE-2006-6143:
"An unauthenticated user may cause execution of arbitrary code in
kadmind, which can compromise the Kerberos key database and host
security. (kadmind usually runs as root.) Unsuccessful exploitation,
or even accidental replication of the required conditions by
non-malicious users, can result in kadmind crashing."
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143
Patch from MIT.
---
Module Name: pkgsrc
Committed By: salo
Date: Thu Jan 18 17:28:24 UTC 2007
Modified Files:
pkgsrc/security/mit-krb5: Makefile
Log Message:
Fix building with Autoconf 2.60 and newer.
Addresses PR pkg/34252 by Matthias Petermann.
Also delint a bit.
To generate a diff of this commit:
cvs rdiff -r1.38 -r1.38.4.1 pkgsrc/security/mit-krb5/Makefile
cvs rdiff -r1.15 -r1.15.4.1 pkgsrc/security/mit-krb5/distinfo
cvs rdiff -r0 -r1.1.2.1 pkgsrc/security/mit-krb5/patches/patch-at
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.