Address: krb5 -- Vulnerabilities in kadmind, libgssrpc,

gss_process_context_token VU#540092 CVE-2014-5352: gss_process_context_token() incorrectly frees context CVE-2014-9421: kadmind doubly frees partial deserialization results CVE-2014-9422: kadmind incorrectly validates server principal name CVE-2014-9423: libgssrpc server applications leak uninitialized bytes Security: VUXML: 24ce5597-acab-11e4-a847-206a8a720317 Security: MIT KRB5: VU#540092 Security: CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
author: cy <cy@FreeBSD.org> 2015-02-05 04:47:04 +0800
committer: cy <cy@FreeBSD.org> 2015-02-05 04:47:04 +0800
commit: 6281aeb1476bd429eaa2ebe4a60165842963d02c (patch)
tree: 9f7ec47e0f4e680a123a688259ad589635f37f37
parent: 0ee3a761b1aebee1016d5dcc9710ed18f44ed97d (diff)
download: freebsd-ports-graphics-6281aeb1476bd429eaa2ebe4a60165842963d02c.tar.gz
freebsd-ports-graphics-6281aeb1476bd429eaa2ebe4a60165842963d02c.tar.zst
freebsd-ports-graphics-6281aeb1476bd429eaa2ebe4a60165842963d02c.zip
6 files changed, 18 insertions, 1 deletions
diff --git a/security/krb5-111/Makefile b/security/krb5-111/Makefile
index 9d02856ef90..ff239f32eb9 100644
--- a/security/krb5-111/Makefile
+++ b/security/krb5-111/Makefile
@@ -3,12 +3,13 @@
 
 PORTNAME=		krb5
 PORTVERSION=		1.11.5
-PORTREVISION=		3
+PORTREVISION=		4
 CATEGORIES=		security
 MASTER_SITES=		http://web.mit.edu/kerberos/dist/krb5/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/
 PKGNAMESUFFIX=		-111
 DISTNAME=		krb5-${PORTVERSION}-signed
 EXTRACT_SUFX=		.tar
+PATCHFILES=		2015-001-patch-r111.txt
 
 PATCH_SITES=		http://web.mit.edu/kerberos/advisories/
 PATCH_DIST_STRIP=	-p2
diff --git a/security/krb5-111/distinfo b/security/krb5-111/distinfo
index c56a114c57a..511ee30cb62 100644
--- a/security/krb5-111/distinfo
+++ b/security/krb5-111/distinfo
@@ -1,2 +1,4 @@
 SHA256 (krb5-1.11.5-signed.tar) = d3cee29a50b510526fa692c7c23832df60d4d1cfa66de21e288a897bed6b98c2
 SIZE (krb5-1.11.5-signed.tar) = 11714560
+SHA256 (2015-001-patch-r111.txt) = d7e1ac2abf76e546680d2789d11aaafe3119a13bbdcd1008b742efea016816e2
+SIZE (2015-001-patch-r111.txt) = 12128
diff --git a/security/krb5-112/Makefile b/security/krb5-112/Makefile
index 029e0bc1201..97e3a26e39d 100644
--- a/security/krb5-112/Makefile
+++ b/security/krb5-112/Makefile
@@ -3,11 +3,13 @@
 
 PORTNAME=		krb5
 PORTVERSION=		1.12.2
+PORTREVISION=		1
 CATEGORIES=		security
 MASTER_SITES=		http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/
 PKGNAMESUFFIX=		-112
 DISTNAME=		${PORTNAME}-${PORTVERSION}-signed
 EXTRACT_SUFX=		.tar
+PATCHFILES=		2015-001-patch-r112.txt
 
 PATCH_SITES=		http://web.mit.edu/kerberos/advisories/
 PATCH_DIST_STRIP=	-p2
diff --git a/security/krb5-112/distinfo b/security/krb5-112/distinfo
index 964947a9eaf..1151f0a6f5c 100644
--- a/security/krb5-112/distinfo
+++ b/security/krb5-112/distinfo
@@ -1,2 +1,4 @@
 SHA256 (krb5-1.12.2-signed.tar) = 09bd180107b5c2b3b7378c57c023fb02a103d4cac39d6f2dd600275d7a4f3744
 SIZE (krb5-1.12.2-signed.tar) = 11991040
+SHA256 (2015-001-patch-r112.txt) = 75d1d070293fef7faa2c5ffbe8de4afaefb95449564e7dd5da458588ba637449
+SIZE (2015-001-patch-r112.txt) = 12130
diff --git a/security/krb5/Makefile b/security/krb5/Makefile
index 760618ee38e..5d19e3ffd7e 100644
--- a/security/krb5/Makefile
+++ b/security/krb5/Makefile
@@ -3,10 +3,12 @@
 
 PORTNAME=		krb5
 PORTVERSION=		1.13
+PORTREVISION=		1
 CATEGORIES=		security
 MASTER_SITES=		http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/
 DISTNAME=		${PORTNAME}-${PORTVERSION}-signed
 EXTRACT_SUFX=		.tar
+PATCHFILES=		2015-001-patch-r113.txt
 
 PATCH_SITES=		http://web.mit.edu/kerberos/advisories/
 PATCH_DIST_STRIP=	-p2
@@ -67,7 +69,13 @@ PLIST_SUB+=		LDAP="@comment "
 .endif
 
 .if ${PORT_OPTIONS:MREADLINE}
+.if ${OSVERSION} >= 1100000
+# libtool has some gas with libreadline in 11-CURRENT.
+BUILD_DEPENDS+=		${LOCALBASE}/lib/libreadline.so.6:${PORTSDIR}/devel/readline
+LIB_DEPENDS+=		${LOCALBASE}/lib/libreadline.so.6:${PORTSDIR}/devel/readline
+.else
 USES+=			readline:port
+.endif
 CONFIGURE_ARGS+=	--with-readline
 .endif
 
diff --git a/security/krb5/distinfo b/security/krb5/distinfo
index 89e5f8d2075..138ca157023 100644
--- a/security/krb5/distinfo
+++ b/security/krb5/distinfo
@@ -1,2 +1,4 @@
 SHA256 (krb5-1.13-signed.tar) = dc8f79ae9ab777d0f815e84ed02ac4ccfe3d5826eb4947a195dfce9fd95a9582
 SIZE (krb5-1.13-signed.tar) = 12083200
+SHA256 (2015-001-patch-r113.txt) = c41cb0dd88abb53543697a6e91832d6e0639a99a811c3092904eff03fa4b5ec6
+SIZE (2015-001-patch-r113.txt) = 12569
author	cy <cy@FreeBSD.org>	2015-02-05 04:47:04 +0800
committer	cy <cy@FreeBSD.org>	2015-02-05 04:47:04 +0800
commit	6281aeb1476bd429eaa2ebe4a60165842963d02c (patch)
tree	9f7ec47e0f4e680a123a688259ad589635f37f37
parent	0ee3a761b1aebee1016d5dcc9710ed18f44ed97d (diff)
download	freebsd-ports-graphics-6281aeb1476bd429eaa2ebe4a60165842963d02c.tar.gz freebsd-ports-graphics-6281aeb1476bd429eaa2ebe4a60165842963d02c.tar.zst freebsd-ports-graphics-6281aeb1476bd429eaa2ebe4a60165842963d02c.zip