diff options
| author |   Jeremy Olexa <darkside@gentoo.org> | 2010-04-30 22:17:14 +0000 |
|---|---|---|
| committer | Jeremy Olexa <darkside@gentoo.org> | 2010-04-30 22:17:14 +0000 |
| commit | cc23c30774e835d83b33c35da72426d06172c0c7 (patch) | |
| tree | 9f7770aee5287744dda745f44f441344f8520d1e /app-crypt/mit-krb5 | |
| parent | Automated update of use.local.desc (diff) | |
| download | historical-cc23c30774e835d83b33c35da72426d06172c0c7.tar.gz historical-cc23c30774e835d83b33c35da72426d06172c0c7.tar.bz2 historical-cc23c30774e835d83b33c35da72426d06172c0c7.zip | |
Version bump by Eray Aslan, security bug 312481
Package-Manager: portage-2.1.8.3/cvs/Linux armv7l
Diffstat (limited to 'app-crypt/mit-krb5')
| -rw-r--r-- | app-crypt/mit-krb5/ChangeLog | 8 | ||||
| -rw-r--r-- | app-crypt/mit-krb5/Manifest | 5 | ||||
| -rw-r--r-- | app-crypt/mit-krb5/files/CVE-2010-1320.patch | 20 | ||||
| -rw-r--r-- | app-crypt/mit-krb5/mit-krb5-1.8.1.ebuild | 113 |
4 files changed, 144 insertions, 2 deletions
diff --git a/app-crypt/mit-krb5/ChangeLog b/app-crypt/mit-krb5/ChangeLog index 4cabfa2e17bc..bb6a5d52e09a 100644 --- a/app-crypt/mit-krb5/ChangeLog +++ b/app-crypt/mit-krb5/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-crypt/mit-krb5 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/ChangeLog,v 1.215 2010/01/14 09:12:31 mueli Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/ChangeLog,v 1.216 2010/04/30 22:17:14 darkside Exp $ + +*mit-krb5-1.8.1 (30 Apr 2010) + + 30 Apr 2010; Jeremy Olexa <darkside@gentoo.org> +mit-krb5-1.8.1.ebuild, + +files/CVE-2010-1320.patch: + Version bump by Eray Aslan, security bug 312481 *mit-krb5-1.7-r2 (14 Jan 2010) *mit-krb5-1.6.3-r7 (14 Jan 2010) diff --git a/app-crypt/mit-krb5/Manifest b/app-crypt/mit-krb5/Manifest index e53647f25f3b..a7bf7bb6ff2a 100644 --- a/app-crypt/mit-krb5/Manifest +++ b/app-crypt/mit-krb5/Manifest @@ -3,16 +3,19 @@ AUX 1.6-MITKRB5-SA-2008-001.patch 11080 RMD160 12415f2329536352cd4d4aaa340951771 AUX 1.7-CVE-2009-4212.patch 13085 RMD160 98b9d7adab15a198cf6380458e9960e41385f2f9 SHA1 627c85e8764717248d5d86f70a1eb1a649035ef9 SHA256 c64a28f4fc9c7db2f0f98efea401b6e36d196f90d20f435b19c60259c348693b AUX CVE-2009-0844+CVE-2009-0847.patch 2075 RMD160 eba543da0eafa13158a71947bf22783292d23951 SHA1 087e0dfcdff3dd08b9085fda47099c438871488d SHA256 abdff5ffb07b57d6156722ea6ee12a73ae3337ff05687e384a59989074ab4316 AUX CVE-2009-0846.patch 1682 RMD160 80292c97735b2e45eb450d2c8f6c30e6b0dbf199 SHA1 4bde9e943f4604bfde41cb91f923c123716add71 SHA256 71914affe6f8623b44f3b8ac9c98a83783e41200f8965ea5d68e7fb8a4bc3088 +AUX CVE-2010-1320.patch 701 RMD160 f5ebcbf5a5cb872644aa3d7f28bea0de2e4cc281 SHA1 775ae45e20b67d1de7f2a21c52afbfbaacdae5a1 SHA256 251757cc449ba11f0147febc1b69e8aee37ec6c200a25c08e9a9eac02cdb3c60 AUX MITKRB5-SA-2008-002.patch 1505 RMD160 35bb24ae802b532836810588e13c775ef8522cc1 SHA1 70fb0d83da33eb3e00355a11894c37f7c9d2b9aa SHA256 8e84a55080461f117f61501550c364f9ac25d9079601281a0d413bff664fc386 AUX mit-krb5-lazyldflags.patch 509 RMD160 47515882e93e0db7db6980a4460a01f2cbc3f382 SHA1 db880ff82bd72afd2815a8e8d345c815c2769715 SHA256 272b3a18303b43c64bbcc1da9bcb7cd60d56337700d84c78741c7096c18044d5 AUX mit-krb5kadmind.initd 687 RMD160 7602d12d570e80edf24953befbe4ec03d247e4ba SHA1 753a5875659d3bef63c1a50bb0228f1c3c06bdf9 SHA256 427953b3a2dbe0a8f85bee1294a348c97dbbdac4741f06c2a3768170ba29161a AUX mit-krb5kdc.initd 656 RMD160 8c4c508273f9d715ac0e0a8d9c54e36f63526b9b SHA1 62017fc3a2f5adbd6e0c1421041593a268a6252d SHA256 d813dbf3ee89f0da6b73455fd8759898223529c4cf7c1c2ec64a3128363194e2 DIST krb5-1.6.3-signed.tar 11909120 RMD160 4f09e797d6e03c240353f3943875117a39c82c29 SHA1 c4c98801371895f84c6586c344c7f4bd850e6faf SHA256 7a1bd7d4bd326828c8ee382ed2b69ccd6c58762601df897d6a32169d84583d2a DIST krb5-1.7-signed.tar 12226560 RMD160 1fe0efd07bb525620e821a7b3a98cafd416d017c SHA1 0fe1b1cf9f8d4f5f5d7fdaf89326baf5c5adbc66 SHA256 a370cae8386e8b82b309c44a220542af78cbcbb42028fb3c2224eae6dba1ffd5 +DIST krb5-1.8.1-signed.tar 11632640 RMD160 3db8011a9edfc0624c7d68a8d757f89aeefd8952 SHA1 ae7f22cf42380472e1f771f67021982f3f6697e5 SHA256 470c486ec5580d12f2a72cde059e3bdfa567cf96215b724fec5a3b6cfa7eebb9 DIST mit-krb5-1.6.3-patches-0.5.tar.bz2 5317 RMD160 423c728e6f399fb4605373495a36480147a35e8c SHA1 ec3327acc45ce29cfd4179adf23fbde52eefb774 SHA256 46538d6b59d6fd1756b9ed0f3002886578a90cf5366e2be1d6fd0ffffeea7d3e DIST mit-krb5-1.7-patches-0.6.tar.bz2 707 RMD160 8849cc7c663cd1cfed35af9647197af8ce214a0e SHA1 056834d3068e04e8d636d242d38ae580bebb7cd5 SHA256 ea66d5a10fbb30adeaef9de73d77a7a034cc2ff1dcc82aa52bde21b370c574f6 EBUILD mit-krb5-1.6.3-r6.ebuild 2816 RMD160 d9207dc3a1d6aa54eaad45c04092704631743b43 SHA1 436537036eabe1f3eeff5ab28d7b37c63e12353f SHA256 00b60f4ef14978fc41a60cee257f7b2e2265ffc5a7c754fe075ff0c1dcbb35d0 EBUILD mit-krb5-1.6.3-r7.ebuild 2874 RMD160 e9ad37cd27b80b94296226c279431a58dd8d799e SHA1 2706e5949d6d5a32734aa63988c74b2f9b324239 SHA256 c4ca4f284cf02a6e11bde53f39a550af444c75de7ea3f9a131ad40aa41c29f78 EBUILD mit-krb5-1.7-r2.ebuild 2644 RMD160 44ca6704cff27f8a18d2769af001972bbe87cc45 SHA1 40b2d880d86a70e5b4b6dccb84eee95856284f21 SHA256 e61f5835d96fafb5fe99fa5e42eb5e069f4f5b6927ac069744e89855e56925d5 -MISC ChangeLog 34962 RMD160 b64c1bd0c3ca530b7259a96d57df99be0cede752 SHA1 49921d0124608ab37e1fe058dcc84694a6ff5d5b SHA256 5216d30c509d9bc60884a04447e7497718ea74eace4728bb28e72d20d838ed01 +EBUILD mit-krb5-1.8.1.ebuild 2671 RMD160 d1f232b513a1227ce0f091aa3ddd59e9cb34a80d SHA1 8acfb7b8079d7ff419f16888698752ad37c1fb17 SHA256 707bb1cdcc6461d51542e7d858e2aa2f11e8796751381445ee2869c6aa47052a +MISC ChangeLog 35151 RMD160 1cc4e75920b490e71ce6aa1985984dc20af25d1a SHA1 a2b0dc9d1a29fa292e0e7aa37b8cb0863782cac3 SHA256 85893feed44c6997187ecc36c90682600f57de414632da3d849803e99812d6c4 MISC metadata.xml 639 RMD160 5e0f0a281fd7c2db9cef027d510f4f65fe769e2e SHA1 5ff055ed4d8a80384cba07293c41dd10983d2792 SHA256 fe666e55cb89f0dda7aa81fefe167f1cf2934053c83f1ee147781c34b7f28595 diff --git a/app-crypt/mit-krb5/files/CVE-2010-1320.patch b/app-crypt/mit-krb5/files/CVE-2010-1320.patch new file mode 100644 index 000000000000..bb6261f48144 --- /dev/null +++ b/app-crypt/mit-krb5/files/CVE-2010-1320.patch @@ -0,0 +1,20 @@ +diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c +index b2f0655..76ca94a 100644 +--- a/src/kdc/do_tgs_req.c ++++ b/src/kdc/do_tgs_req.c +@@ -543,6 +543,7 @@ tgt_again: + to the caller */ + ticket_reply = *(header_ticket); + enc_tkt_reply = *(header_ticket->enc_part2); ++ enc_tkt_reply.authorization_data = NULL; + clear(enc_tkt_reply.flags, TKT_FLG_INVALID); + } + +@@ -554,6 +555,7 @@ tgt_again: + to the caller */ + ticket_reply = *(header_ticket); + enc_tkt_reply = *(header_ticket->enc_part2); ++ enc_tkt_reply.authorization_data = NULL; + + old_life = enc_tkt_reply.times.endtime - enc_tkt_reply.times.starttime; + diff --git a/app-crypt/mit-krb5/mit-krb5-1.8.1.ebuild b/app-crypt/mit-krb5/mit-krb5-1.8.1.ebuild new file mode 100644 index 000000000000..563440f7821a --- /dev/null +++ b/app-crypt/mit-krb5/mit-krb5-1.8.1.ebuild @@ -0,0 +1,113 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5/mit-krb5-1.8.1.ebuild,v 1.1 2010/04/30 22:17:14 darkside Exp $ + +EAPI="2" + +inherit eutils flag-o-matic versionator autotools + +MY_P=${P/mit-} +P_DIR=$(get_version_component_range 1-2) +DESCRIPTION="MIT Kerberos V" +HOMEPAGE="http://web.mit.edu/kerberos/www/" +SRC_URI="http://web.mit.edu/kerberos/dist/krb5/${P_DIR}/${MY_P}-signed.tar" + +LICENSE="as-is" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="ldap doc" + +RDEPEND="!virtual/krb5 + >=sys-libs/e2fsprogs-libs-1.41.0 + ldap? ( net-nds/openldap )" +DEPEND="${RDEPEND} + doc? ( virtual/latex-base )" + +S=${WORKDIR}/${MY_P}/src + +PROVIDE="virtual/krb5" + +src_unpack() { + unpack ${A} + unpack ./"${MY_P}".tar.gz +} + +src_prepare() { + epatch "${FILESDIR}/CVE-2010-1320.patch" + local subdir + for subdir in $(find . -name configure.in \ + | xargs grep -l 'AC_CONFIG_SUBDIRS' \ + | sed 's@/configure\.in$@@'); do + ebegin "Regenerating configure script in ${subdir}" + cd "${S}"/${subdir} + eautoconf --force -I "${S}" + eend $? + done +} + +src_configure() { + append-flags "-I/usr/include/et" + econf \ + $(use_enable ldap) \ + --without-krb4 \ + --enable-shared \ + --with-system-et \ + --with-system-ss \ + --enable-dns-for-realm \ + --enable-kdc-replay-cache +} + +src_compile() { + emake -j1 || die "emake failed" + + if use doc ; then + cd ../doc + for dir in api implement ; do + emake -C "${dir}" || die "doc emake failed" + done + fi +} + +src_test() { + einfo "Tests do not run in sandbox, they need mit-krb5 to be already installed to test it." +} + +src_install() { + emake \ + DESTDIR="${D}" \ + EXAMPLEDIR=/usr/share/doc/${PF}/examples \ + install || die "install failed" + + keepdir /var/lib/krb5kdc + + cd .. + dodoc README + dodoc doc/*.ps + doinfo doc/*.info* + dohtml -r doc/* + +# die if we cannot respect a USE flag + if use doc; then + dodoc doc/{api,implement}/*.ps || die "dodoc failed" + fi + + newinitd "${FILESDIR}"/mit-krb5kadmind.initd mit-krb5kadmind + newinitd "${FILESDIR}"/mit-krb5kdc.initd mit-krb5kdc + + insinto /etc + newins "${D}/usr/share/doc/${PF}/examples/krb5.conf" krb5.conf.example + insinto /var/lib/krb5kdc + newins "${D}/usr/share/doc/${PF}/examples/kdc.conf" kdc.conf.example +} + +pkg_preinst() { + + if has_version "<${CATEGORY}/${PN}-1.8.0" ; then + einfo + elog "MIT split the Kerberos applications from the base Kerberos" + elog "distribution. Kerberized versions of telnet, rlogin, rsh, rcp," + elog "ftp clients and telnet, ftp deamons now live in" + elog "\"app-crypt/mit-krb5-appl\" package." + einfo + fi +} |