diff options
author | cy <cy@FreeBSD.org> | 2005-07-12 21:29:26 +0000 |
---|---|---|
committer | cy <cy@FreeBSD.org> | 2005-07-12 21:29:26 +0000 |
commit | 73b094fdb8ff8c4bd0c32476bd88f835211526de (patch) | |
tree | ef4356b15ffba27bbcd8840bd32dc10968650551 /security/krb5-17 | |
parent | 92be623b82608ca1355c296affe6faf4ff7c7b28 (diff) | |
download | FreeBSD-ports-73b094fdb8ff8c4bd0c32476bd88f835211526de.zip FreeBSD-ports-73b094fdb8ff8c4bd0c32476bd88f835211526de.tar.gz |
Fix:
- MIT KRB5 Security Advisory 2005-002: Buffer overflow, heap corruption in KDC
- MIT KRB5 Security Advisory 2005-003: Double free in krb5_recvauth
Diffstat (limited to 'security/krb5-17')
-rw-r--r-- | security/krb5-17/Makefile | 1 | ||||
-rw-r--r-- | security/krb5-17/files/patch-lib::krb5::krb::recvauth.c | 18 | ||||
-rw-r--r-- | security/krb5-17/files/patch-lib::krb5::krb::unparse.c | 11 |
3 files changed, 30 insertions, 0 deletions
diff --git a/security/krb5-17/Makefile b/security/krb5-17/Makefile index 2f36893..5818048 100644 --- a/security/krb5-17/Makefile +++ b/security/krb5-17/Makefile @@ -7,6 +7,7 @@ PORTNAME= krb5 PORTVERSION= 1.4.1 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/${PORTVERSION:C/\.[0-9]*$/&/:C/\.[0-9]*$//}/ EXTRACT_SUFX= .tar diff --git a/security/krb5-17/files/patch-lib::krb5::krb::recvauth.c b/security/krb5-17/files/patch-lib::krb5::krb::recvauth.c new file mode 100644 index 0000000..e30b725 --- /dev/null +++ b/security/krb5-17/files/patch-lib::krb5::krb::recvauth.c @@ -0,0 +1,18 @@ +--- lib/krb5/krb/recvauth.c.orig Mon Sep 2 18:13:47 2002 ++++ lib/krb5/krb/recvauth.c Tue Jul 12 14:02:03 2005 +@@ -76,7 +76,6 @@ + if ((retval = krb5_read_message(context, fd, &inbuf))) + return(retval); + if (strcmp(inbuf.data, sendauth_version)) { +- krb5_xfree(inbuf.data); + problem = KRB5_SENDAUTH_BADAUTHVERS; + } + krb5_xfree(inbuf.data); +@@ -90,7 +89,6 @@ + if ((retval = krb5_read_message(context, fd, &inbuf))) + return(retval); + if (appl_version && strcmp(inbuf.data, appl_version)) { +- krb5_xfree(inbuf.data); + if (!problem) + problem = KRB5_SENDAUTH_BADAPPLVERS; + } diff --git a/security/krb5-17/files/patch-lib::krb5::krb::unparse.c b/security/krb5-17/files/patch-lib::krb5::krb::unparse.c new file mode 100644 index 0000000..b45233b --- /dev/null +++ b/security/krb5-17/files/patch-lib::krb5::krb::unparse.c @@ -0,0 +1,11 @@ +--- lib/krb5/krb/unparse.c.orig Tue Jan 18 09:57:32 2005 ++++ lib/krb5/krb/unparse.c Tue Jul 12 14:04:38 2005 +@@ -91,6 +91,8 @@ + totalsize++; + totalsize++; /* This is for the separator */ + } ++ if (nelem == 0) ++ totalsize++; + + /* + * Allocate space for the ascii string; if space has been |