aboutsummaryrefslogtreecommitdiffstats
path: root/security/krb5-appl
diff options
context:
space:
mode:
authorcy <cy@FreeBSD.org>2008-03-20 03:26:53 +0800
committercy <cy@FreeBSD.org>2008-03-20 03:26:53 +0800
commitd288d15fc8f6bd3f30e7099d7dd7b6ae19dc8d84 (patch)
tree0f7a53c6e508d9931cdb566408222a9f536798b6 /security/krb5-appl
parent247f8aa1fb557b74376a40e8c9c3507f0c34f366 (diff)
downloadfreebsd-ports-graphics-d288d15fc8f6bd3f30e7099d7dd7b6ae19dc8d84.tar.gz
freebsd-ports-graphics-d288d15fc8f6bd3f30e7099d7dd7b6ae19dc8d84.tar.zst
freebsd-ports-graphics-d288d15fc8f6bd3f30e7099d7dd7b6ae19dc8d84.zip
Fixes for multiple vulnerabilities.
Security: US-CERT Technical Cyber Security Alert TA08-079B -- MIT Kerberos Updates for Multiple Vulnerabilities US-CERT Vulnerability Note VU#895609, US-CERT Vulnerability Note VU#374121 MIT krb5 Security Advisory 2008-001 MIT krb5 Security Advisory 2008-002
Diffstat (limited to 'security/krb5-appl')
-rw-r--r--security/krb5-appl/Makefile5
-rw-r--r--security/krb5-appl/distinfo3
-rw-r--r--security/krb5-appl/files/patch-lib-rpc-svc.c24
-rw-r--r--security/krb5-appl/files/patch-lib-rpc-svc_tcp.c51
4 files changed, 82 insertions, 1 deletions
diff --git a/security/krb5-appl/Makefile b/security/krb5-appl/Makefile
index 118709df585..1ab490d7c59 100644
--- a/security/krb5-appl/Makefile
+++ b/security/krb5-appl/Makefile
@@ -7,11 +7,14 @@
PORTNAME= krb5
PORTVERSION= 1.6.3
-PORTREVISION= 4
+PORTREVISION= 5
CATEGORIES= security
MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/
+PATCH_SITES= http://web.mit.edu/kerberos/advisories/
DISTNAME= ${PORTNAME}-${PORTVERSION}-signed
EXTRACT_SUFX= .tar
+PATCHFILES= 2008-001-patch.txt
+PATCH_DIST_STRIP= -p1
MAINTAINER= cy@FreeBSD.org
COMMENT= An authentication system developed at MIT, successor to Kerberos IV
diff --git a/security/krb5-appl/distinfo b/security/krb5-appl/distinfo
index f9332216ac6..76109873f35 100644
--- a/security/krb5-appl/distinfo
+++ b/security/krb5-appl/distinfo
@@ -1,3 +1,6 @@
MD5 (krb5-1.6.3-signed.tar) = 2dc1307686eb1c2bf1ab08ea805dad46
SHA256 (krb5-1.6.3-signed.tar) = 7a1bd7d4bd326828c8ee382ed2b69ccd6c58762601df897d6a32169d84583d2a
SIZE (krb5-1.6.3-signed.tar) = 11909120
+MD5 (2008-001-patch.txt) = 3bbb7a6a7738c086f5d5dfcf09da9cbb
+SHA256 (2008-001-patch.txt) = 4d02be765ff12d21ddf1cfa170e5ff4067e9c364a401d7e06ece329566139736
+SIZE (2008-001-patch.txt) = 10854
diff --git a/security/krb5-appl/files/patch-lib-rpc-svc.c b/security/krb5-appl/files/patch-lib-rpc-svc.c
new file mode 100644
index 00000000000..395039040b0
--- /dev/null
+++ b/security/krb5-appl/files/patch-lib-rpc-svc.c
@@ -0,0 +1,24 @@
+=== lib/rpc/svc.c
+==================================================================
+--- lib/rpc/svc.c (revision 1666)
++++ lib/rpc/svc.c (local)
+@@ -109,15 +109,17 @@
+ if (sock < FD_SETSIZE) {
+ xports[sock] = xprt;
+ FD_SET(sock, &svc_fdset);
++ if (sock > svc_maxfd)
++ svc_maxfd = sock;
+ }
+ #else
+ if (sock < NOFILE) {
+ xports[sock] = xprt;
+ svc_fds |= (1 << sock);
++ if (sock > svc_maxfd)
++ svc_maxfd = sock;
+ }
+ #endif /* def FD_SETSIZE */
+- if (sock > svc_maxfd)
+- svc_maxfd = sock;
+ }
+
+ /*
diff --git a/security/krb5-appl/files/patch-lib-rpc-svc_tcp.c b/security/krb5-appl/files/patch-lib-rpc-svc_tcp.c
new file mode 100644
index 00000000000..9c51fafc62b
--- /dev/null
+++ b/security/krb5-appl/files/patch-lib-rpc-svc_tcp.c
@@ -0,0 +1,51 @@
+=== lib/rpc/svc_tcp.c
+==================================================================
+--- lib/rpc/svc_tcp.c (revision 1666)
++++ lib/rpc/svc_tcp.c (local)
+@@ -54,6 +54,14 @@
+ extern errno;
+ */
+
++#ifndef FD_SETSIZE
++#ifdef NBBY
++#define NOFILE (sizeof(int) * NBBY)
++#else
++#define NOFILE (sizeof(int) * 8)
++#endif
++#endif
++
+ /*
+ * Ops vector for TCP/IP based rpc service handle
+ */
+@@ -215,6 +223,19 @@
+ register SVCXPRT *xprt;
+ register struct tcp_conn *cd;
+
++#ifdef FD_SETSIZE
++ if (fd >= FD_SETSIZE) {
++ (void) fprintf(stderr, "svc_tcp: makefd_xprt: fd too high\n");
++ xprt = NULL;
++ goto done;
++ }
++#else
++ if (fd >= NOFILE) {
++ (void) fprintf(stderr, "svc_tcp: makefd_xprt: fd too high\n");
++ xprt = NULL;
++ goto done;
++ }
++#endif
+ xprt = (SVCXPRT *)mem_alloc(sizeof(SVCXPRT));
+ if (xprt == (SVCXPRT *)NULL) {
+ (void) fprintf(stderr, "svc_tcp: makefd_xprt: out of memory\n");
+@@ -271,6 +292,10 @@
+ * make a new transporter (re-uses xprt)
+ */
+ xprt = makefd_xprt(sock, r->sendsize, r->recvsize);
++ if (xprt == NULL) {
++ close(sock);
++ return (FALSE);
++ }
+ xprt->xp_raddr = addr;
+ xprt->xp_addrlen = len;
+ xprt->xp_laddr = laddr;
+