From 30b9960f1d3a56e756c28686a30805171c6d1e94 Mon Sep 17 00:00:00 2001 From: cy Date: Fri, 25 Mar 2011 00:19:02 +0000 Subject: Apply patch for MITKRB5-SA-2011-003, KDC vulnerable to double-free when PKINIT enabled. Obtained from: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-003.txt Security: MITKRB5-SA-2011-003, CVE-2011-0284 Feature safe: yes --- security/krb5/Makefile | 5 +++-- security/krb5/distinfo | 2 ++ 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'security/krb5') diff --git a/security/krb5/Makefile b/security/krb5/Makefile index 95c92d93bb4..6e3fd82e495 100644 --- a/security/krb5/Makefile +++ b/security/krb5/Makefile @@ -7,13 +7,14 @@ PORTNAME= krb5 PORTVERSION= 1.9 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security MASTER_SITES= http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/ PATCH_SITES= http://web.mit.edu/kerberos/advisories/ DISTNAME= ${PORTNAME}-${PORTVERSION}-signed EXTRACT_SUFX= .tar -PATCHFILES= 2011-001-patch.txt 2011-002-patch.txt +PATCHFILES= 2011-001-patch.txt 2011-002-patch.txt \ + 2011-003-patch.txt MAINTAINER= cy@FreeBSD.org COMMENT= An authentication system developed at MIT, successor to Kerberos IV diff --git a/security/krb5/distinfo b/security/krb5/distinfo index f47cfb89652..45e51df730c 100644 --- a/security/krb5/distinfo +++ b/security/krb5/distinfo @@ -4,3 +4,5 @@ SHA256 (2011-001-patch.txt) = 25f50e9406a36525b5f727041c9d584ef3f188fa5d3a39b4e6 SIZE (2011-001-patch.txt) = 632 SHA256 (2011-002-patch.txt) = 1b3ccea9022527c36e153c5d89ecfd9609a111e235b1d0430e1fcc6933e76e48 SIZE (2011-002-patch.txt) = 6663 +SHA256 (2011-003-patch.txt) = bf93bbaf5d502f5b5bdcfa612e36c3828d3be869b154545bad1c7109f4eedae4 +SIZE (2011-003-patch.txt) = 544 -- cgit