Subject: CVS commit: pkgsrc/security/mit-krb5
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 01/17/2007 23:43:47
Module Name: pkgsrc
Committed By: salo
Date: Wed Jan 17 23:43:47 UTC 2007
Modified Files:
pkgsrc/security/mit-krb5: Makefile distinfo
Added Files:
pkgsrc/security/mit-krb5/patches: patch-at
Log Message:
Security fix for CVE-2006-6143:
"An unauthenticated user may cause execution of arbitrary code in
kadmind, which can compromise the Kerberos key database and host
security. (kadmind usually runs as root.) Unsuccessful exploitation,
or even accidental replication of the required conditions by
non-malicious users, can result in kadmind crashing."
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143
Patch from MIT.
To generate a diff of this commit:
cvs rdiff -r1.38 -r1.39 pkgsrc/security/mit-krb5/Makefile
cvs rdiff -r1.15 -r1.16 pkgsrc/security/mit-krb5/distinfo
cvs rdiff -r0 -r1.1 pkgsrc/security/mit-krb5/patches/patch-at
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.