diff options
author | cy <cy@FreeBSD.org> | 2008-03-20 03:26:53 +0800 |
---|---|---|
committer | cy <cy@FreeBSD.org> | 2008-03-20 03:26:53 +0800 |
commit | d288d15fc8f6bd3f30e7099d7dd7b6ae19dc8d84 (patch) | |
tree | 0f7a53c6e508d9931cdb566408222a9f536798b6 /security/krb5-appl | |
parent | 247f8aa1fb557b74376a40e8c9c3507f0c34f366 (diff) | |
download | freebsd-ports-graphics-d288d15fc8f6bd3f30e7099d7dd7b6ae19dc8d84.tar.gz freebsd-ports-graphics-d288d15fc8f6bd3f30e7099d7dd7b6ae19dc8d84.tar.zst freebsd-ports-graphics-d288d15fc8f6bd3f30e7099d7dd7b6ae19dc8d84.zip |
Fixes for multiple vulnerabilities.
Security: US-CERT Technical Cyber Security Alert TA08-079B --
MIT Kerberos Updates for Multiple Vulnerabilities
US-CERT Vulnerability Note VU#895609,
US-CERT Vulnerability Note VU#374121
MIT krb5 Security Advisory 2008-001
MIT krb5 Security Advisory 2008-002
Diffstat (limited to 'security/krb5-appl')
-rw-r--r-- | security/krb5-appl/Makefile | 5 | ||||
-rw-r--r-- | security/krb5-appl/distinfo | 3 | ||||
-rw-r--r-- | security/krb5-appl/files/patch-lib-rpc-svc.c | 24 | ||||
-rw-r--r-- | security/krb5-appl/files/patch-lib-rpc-svc_tcp.c | 51 |
4 files changed, 82 insertions, 1 deletions
diff --git a/security/krb5-appl/Makefile b/security/krb5-appl/Makefile index 118709df585..1ab490d7c59 100644 --- a/security/krb5-appl/Makefile +++ b/security/krb5-appl/Makefile @@ -7,11 +7,14 @@ PORTNAME= krb5 PORTVERSION= 1.6.3 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= security MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/ +PATCH_SITES= http://web.mit.edu/kerberos/advisories/ DISTNAME= ${PORTNAME}-${PORTVERSION}-signed EXTRACT_SUFX= .tar +PATCHFILES= 2008-001-patch.txt +PATCH_DIST_STRIP= -p1 MAINTAINER= cy@FreeBSD.org COMMENT= An authentication system developed at MIT, successor to Kerberos IV diff --git a/security/krb5-appl/distinfo b/security/krb5-appl/distinfo index f9332216ac6..76109873f35 100644 --- a/security/krb5-appl/distinfo +++ b/security/krb5-appl/distinfo @@ -1,3 +1,6 @@ MD5 (krb5-1.6.3-signed.tar) = 2dc1307686eb1c2bf1ab08ea805dad46 SHA256 (krb5-1.6.3-signed.tar) = 7a1bd7d4bd326828c8ee382ed2b69ccd6c58762601df897d6a32169d84583d2a SIZE (krb5-1.6.3-signed.tar) = 11909120 +MD5 (2008-001-patch.txt) = 3bbb7a6a7738c086f5d5dfcf09da9cbb +SHA256 (2008-001-patch.txt) = 4d02be765ff12d21ddf1cfa170e5ff4067e9c364a401d7e06ece329566139736 +SIZE (2008-001-patch.txt) = 10854 diff --git a/security/krb5-appl/files/patch-lib-rpc-svc.c b/security/krb5-appl/files/patch-lib-rpc-svc.c new file mode 100644 index 00000000000..395039040b0 --- /dev/null +++ b/security/krb5-appl/files/patch-lib-rpc-svc.c @@ -0,0 +1,24 @@ +=== lib/rpc/svc.c +================================================================== +--- lib/rpc/svc.c (revision 1666) ++++ lib/rpc/svc.c (local) +@@ -109,15 +109,17 @@ + if (sock < FD_SETSIZE) { + xports[sock] = xprt; + FD_SET(sock, &svc_fdset); ++ if (sock > svc_maxfd) ++ svc_maxfd = sock; + } + #else + if (sock < NOFILE) { + xports[sock] = xprt; + svc_fds |= (1 << sock); ++ if (sock > svc_maxfd) ++ svc_maxfd = sock; + } + #endif /* def FD_SETSIZE */ +- if (sock > svc_maxfd) +- svc_maxfd = sock; + } + + /* diff --git a/security/krb5-appl/files/patch-lib-rpc-svc_tcp.c b/security/krb5-appl/files/patch-lib-rpc-svc_tcp.c new file mode 100644 index 00000000000..9c51fafc62b --- /dev/null +++ b/security/krb5-appl/files/patch-lib-rpc-svc_tcp.c @@ -0,0 +1,51 @@ +=== lib/rpc/svc_tcp.c +================================================================== +--- lib/rpc/svc_tcp.c (revision 1666) ++++ lib/rpc/svc_tcp.c (local) +@@ -54,6 +54,14 @@ + extern errno; + */ + ++#ifndef FD_SETSIZE ++#ifdef NBBY ++#define NOFILE (sizeof(int) * NBBY) ++#else ++#define NOFILE (sizeof(int) * 8) ++#endif ++#endif ++ + /* + * Ops vector for TCP/IP based rpc service handle + */ +@@ -215,6 +223,19 @@ + register SVCXPRT *xprt; + register struct tcp_conn *cd; + ++#ifdef FD_SETSIZE ++ if (fd >= FD_SETSIZE) { ++ (void) fprintf(stderr, "svc_tcp: makefd_xprt: fd too high\n"); ++ xprt = NULL; ++ goto done; ++ } ++#else ++ if (fd >= NOFILE) { ++ (void) fprintf(stderr, "svc_tcp: makefd_xprt: fd too high\n"); ++ xprt = NULL; ++ goto done; ++ } ++#endif + xprt = (SVCXPRT *)mem_alloc(sizeof(SVCXPRT)); + if (xprt == (SVCXPRT *)NULL) { + (void) fprintf(stderr, "svc_tcp: makefd_xprt: out of memory\n"); +@@ -271,6 +292,10 @@ + * make a new transporter (re-uses xprt) + */ + xprt = makefd_xprt(sock, r->sendsize, r->recvsize); ++ if (xprt == NULL) { ++ close(sock); ++ return (FALSE); ++ } + xprt->xp_raddr = addr; + xprt->xp_addrlen = len; + xprt->xp_laddr = laddr; + |