pkgsrc.se | The NetBSD package collection

./security/mit-krb5, MIT Kerberos 5 authentication system

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2013Q1, Version: 1.10.4nb2, Package name: mit-krb5-1.10.4nb2, Maintainer: tez

Kerberos V5 is an authentication system developed at MIT. It is a network
authentication protocol designed to provide strong authentication for
client/server applications by using secret-key cryptography. (Kerberos
5 is discussed in RFC 1510.)

This package provides Kerberos and GSSAPI (Generic Security Services
Application Programming Interface) development headers and libraries.
It also includes Kerberos ticket and principal tools.

N.B. Kerberized r-services, telnet and ftp services are now found in
the security/mit-krb5-appl package.

Required to build:
[lang/perl5] [devel/autoconf] [devel/gmake] [devel/libtool-base]

Master sites:

http://web.mit.edu/kerberos/dist/krb5/1.10/

Version history: (Expand)

(2013-05-17) Updated to version: mit-krb5-1.10.4nb2
(2013-05-01) Updated to version: mit-krb5-1.10.4nb1
(2013-04-01) Package added to pkgsrc.se, version mit-krb5-1.10.4 (created)

CVS history: (Expand)

2013-05-17 00:04:58 by S.P.Zeidler | Files touched by this commit (3)

Log message:
Pullup ticket #4134 - requested by tez
security/mit-krb5: security fix

Revisions pulled up:
- security/mit-krb5/Makefile                                    1.70
- security/mit-krb5/distinfo                                    1.43
- security/mit-krb5/patches/patch-kadmin_server_schpw.c         1.1

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tez
   Date:           Mon May 13 22:42:34 UTC 2013

   Modified Files:
           pkgsrc/security/mit-krb5: Makefile distinfo
   Added Files:
           pkgsrc/security/mit-krb5/patches: patch-kadmin_server_schpw.c

   Log message:
   The kpasswd service provided by kadmind was vulnerable to a UDP
   "ping-pong" attack [CVE-2002-2443].  Don't respond to packets unless
   they pass some basic validation, and don't respond to our own error
   packets.

   Some authors use CVE-1999-0103 to refer to the kpasswd UDP ping-pong
   attack or UDP ping-pong attacks in general, but there is discussion
   leading toward narrowing the definition of CVE-1999-0103 to the echo,
   chargen, or other similar built-in inetd services.

   https://github.com/krb5/krb5/commit/cf1a0c411b2668c57c41e9c4efd15ba17b6b322ccvs

   To generate a diff of this commit:
   cvs rdiff -u -r1.69 -r1.70 pkgsrc/security/mit-krb5/Makefile
   cvs rdiff -u -r1.42 -r1.43 pkgsrc/security/mit-krb5/distinfo
   cvs rdiff -u -r0 -r1.1 \
       pkgsrc/security/mit-krb5/patches/patch-kadmin_server_schpw.c

2013-04-30 20:50:02 by Matthias Scheler | Files touched by this commit (3)

Log message:
Pullup ticket #4128 - requested by tez
security/mit-krb5: security patch

Revisions pulled up:
- security/mit-krb5/Makefile                                    1.68
- security/mit-krb5/distinfo                                    1.41
- security/mit-krb5/patches/patch-kdc_do_tgs_req.c              1.1

---
   Module Name:    pkgsrc
   Committed By:   tez
   Date:           Tue Apr 23 22:09:44 UTC 2013

   Modified Files:
           pkgsrc/security/mit-krb5: Makefile distinfo
   Added Files:
           pkgsrc/security/mit-krb5/patches: patch-kdc_do_tgs_req.c

   Log message:
   Fix for CVE-2013-1416 from:
    \ 
http://krbdev.mit.edu/rt/Ticket/Display.html?user=guest&pass=guest&id=7600