head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.8
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.6
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.4
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.2
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2010Q4:1.1.0.28
	pkgsrc-2010Q4-base:1.1
	pkgsrc-2010Q3:1.1.0.26
	pkgsrc-2010Q3-base:1.1
	pkgsrc-2010Q2:1.1.0.24
	pkgsrc-2010Q2-base:1.1
	pkgsrc-2010Q1:1.1.0.22
	pkgsrc-2010Q1-base:1.1
	pkgsrc-2009Q4:1.1.0.20
	pkgsrc-2009Q4-base:1.1
	pkgsrc-2009Q3:1.1.0.18
	pkgsrc-2009Q3-base:1.1
	pkgsrc-2009Q2:1.1.0.16
	pkgsrc-2009Q2-base:1.1
	pkgsrc-2009Q1:1.1.0.14
	pkgsrc-2009Q1-base:1.1
	pkgsrc-2008Q4:1.1.0.12
	pkgsrc-2008Q4-base:1.1
	pkgsrc-2008Q3:1.1.0.10
	pkgsrc-2008Q3-base:1.1
	cube-native-xorg:1.1.0.8
	cube-native-xorg-base:1.1
	pkgsrc-2008Q2:1.1.0.6
	pkgsrc-2008Q2-base:1.1
	cwrapper:1.1.0.4
	pkgsrc-2008Q1:1.1.0.2;
locks; strict;
comment	@# @;


1.2
date	2011.03.22.23.31.04;	author tez;	state dead;
branches;
next	1.1;

1.1
date	2008.06.07.22.26.10;	author tonnerre;	state Exp;
branches
	1.1.2.1;
next	;

1.1.2.1
date	2008.06.07.22.26.10;	author tron;	state dead;
branches;
next	1.1.2.2;

1.1.2.2
date	2008.06.08.11.47.13;	author tron;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Update MIT Kerberos to v1.8.3 with the latest security patches up to and
including MITKRB5-SA-2011-003.

Please see http://web.mit.edu/kerberos/ for the change logs since v1.4.2

Note that the r-services, telnetd and ftpd services and the related client
applications are now in a separate pacakge security/mit-krb5-appl.
@
text
@$NetBSD: patch-bg,v 1.1 2008/06/07 22:26:10 tonnerre Exp $

--- lib/rpc/svc_auth_unix.c.orig	2004-09-17 23:52:11.000000000 +0200
+++ lib/rpc/svc_auth_unix.c
@@@@ -64,8 +64,7 @@@@ gssrpc__svcauth_unix(
 		char area_machname[MAX_MACHINE_NAME+1];
 		int area_gids[NGRPS];
 	} *area;
-	u_int auth_len;
-	int str_len, gid_len;
+	u_int auth_len, str_len, gid_len;
 	register int i;
 
 	rqst->rq_xprt->xp_auth = &svc_auth_none;
@@@@ -74,7 +73,9 @@@@ gssrpc__svcauth_unix(
 	aup = &area->area_aup;
 	aup->aup_machname = area->area_machname;
 	aup->aup_gids = area->area_gids;
-	auth_len = (u_int)msg->rm_call.cb_cred.oa_length;
+	auth_len = msg->rm_call.cb_cred.oa_length;
+	if (auth_len > INT_MAX)
+		return AUTH_BADCRED;
 	xdrmem_create(&xdrs, msg->rm_call.cb_cred.oa_base, auth_len,XDR_DECODE);
 	buf = XDR_INLINE(&xdrs, (int)auth_len);
 	if (buf != NULL) {
@@@@ -84,7 +85,7 @@@@ gssrpc__svcauth_unix(
 			stat = AUTH_BADCRED;
 			goto done;
 		}
-		memmove(aup->aup_machname, (caddr_t)buf, (u_int)str_len);
+		memmove(aup->aup_machname, buf, str_len);
 		aup->aup_machname[str_len] = 0;
 		str_len = RNDUP(str_len);
 		buf += str_len / BYTES_PER_XDR_UNIT;
@@@@ -104,7 +105,7 @@@@ gssrpc__svcauth_unix(
 		 * timestamp, hostname len (0), uid, gid, and gids len (0).
 		 */
 		if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len) {
-			(void) printf("bad auth_len gid %d str %d auth %d\n",
+			(void) printf("bad auth_len gid %u str %u auth %u\n",
 			    gid_len, str_len, auth_len);
 			stat = AUTH_BADCRED;
 			goto done;
@


1.1
log
@Add patches for MITKRB5-SA-2007-004 and MITKRB5-SA-2007-005. PKGREVISION
will be bumped again once some other patches are in.
@
text
@d1 1
a1 1
$NetBSD$
@


1.1.2.1
log
@file patch-bg was added on branch pkgsrc-2008Q1 on 2008-06-08 11:47:13 +0000
@
text
@d1 43
@


1.1.2.2
log
@Pullup ticket #2417 - requested by tonnerre
Security patches for mit-krb5

Revisions pulled up:
- security/mit-krb5/Makefile		1.42
- security/mit-krb5/distinfo		1.17-1.19
- security/mit-krb5/patches/patch-ai	1.3-1.4
- security/mit-krb5/patches/patch-au	1.1-1.2
- security/mit-krb5/patches/patch-av	1.1-1.2
- security/mit-krb5/patches/patch-aw	1.1-1.2
- security/mit-krb5/patches/patch-ax	1.1-1.2
- security/mit-krb5/patches/patch-ay	1.1-1.2
- security/mit-krb5/patches/patch-az	1.1-1.2
- security/mit-krb5/patches/patch-ba	1.1-1.3
- security/mit-krb5/patches/patch-bb	1.1-1.2
- security/mit-krb5/patches/patch-bc	1.1-1.2
- security/mit-krb5/patches/patch-bd	1.1-1.2
- security/mit-krb5/patches/patch-be	1.1-1.2
- security/mit-krb5/patches/patch-bf	1.1
- security/mit-krb5/patches/patch-bg	1.1
---
    Module Name:	pkgsrc
    Committed By:	tonnerre
    Date:		Sat Jun  7 18:36:07 UTC 2008

    Modified Files:
    	pkgsrc/security/mit-krb5: Makefile distinfo
    Added Files:
    	pkgsrc/security/mit-krb5/patches: patch-ai patch-au patch-av
    patch-aw patch-ax patch-ay patch-az patch-ba patch-bb patch-bc patch-bd
    	    patch-be

    Log Message:
    Add security patches for 3 Kerberos vulnerabilities:
     - telnetd username and environment sanitizing vulnerabilities ("-f
    root") as described in MIT Kerberos advisory 2007-001.
     - krb5_klog_syslog() problems with overly long log strings as described
       in MIT Kerberos advisory 2007-002.
     - GSS API kg_unseal_v1() double free vulnerability as described in the
       MIT Kerberos advisory 2007-003.
---
    Module Name:	pkgsrc
    Committed By:	tonnerre
    Date:		Sat Jun  7 20:22:18 UTC 2008

    Modified Files:
    	pkgsrc/security/mit-krb5: distinfo
    	pkgsrc/security/mit-krb5/patches: patch-ai patch-au patch-av
    patch-aw patch-ax patch-ay patch-az patch-ba patch-bb patch-bc patch-bd
    	    patch-be

    Log Message:
    Remove parts of a different security patch which slipped in but are not
    supported yet. Don't bump revision as the package didn't build before.
---
    Module Name:	pkgsrc
    Committed By:	tonnerre
    Date:		Sat Jun  7 22:26:10 UTC 2008

    Modified Files:
    	pkgsrc/security/mit-krb5: distinfo
    	pkgsrc/security/mit-krb5/patches: patch-ba
    Added Files:
    	pkgsrc/security/mit-krb5/patches: patch-bf patch-bg

    Log Message:
    Add patches for MITKRB5-SA-2007-004 and MITKRB5-SA-2007-005. PKGREVISION
    will be bumped again once some other patches are in.
@
text
@a0 43
$NetBSD: patch-bg,v 1.1 2008/06/07 22:26:10 tonnerre Exp $

--- lib/rpc/svc_auth_unix.c.orig	2004-09-17 23:52:11.000000000 +0200
+++ lib/rpc/svc_auth_unix.c
@@@@ -64,8 +64,7 @@@@ gssrpc__svcauth_unix(
 		char area_machname[MAX_MACHINE_NAME+1];
 		int area_gids[NGRPS];
 	} *area;
-	u_int auth_len;
-	int str_len, gid_len;
+	u_int auth_len, str_len, gid_len;
 	register int i;
 
 	rqst->rq_xprt->xp_auth = &svc_auth_none;
@@@@ -74,7 +73,9 @@@@ gssrpc__svcauth_unix(
 	aup = &area->area_aup;
 	aup->aup_machname = area->area_machname;
 	aup->aup_gids = area->area_gids;
-	auth_len = (u_int)msg->rm_call.cb_cred.oa_length;
+	auth_len = msg->rm_call.cb_cred.oa_length;
+	if (auth_len > INT_MAX)
+		return AUTH_BADCRED;
 	xdrmem_create(&xdrs, msg->rm_call.cb_cred.oa_base, auth_len,XDR_DECODE);
 	buf = XDR_INLINE(&xdrs, (int)auth_len);
 	if (buf != NULL) {
@@@@ -84,7 +85,7 @@@@ gssrpc__svcauth_unix(
 			stat = AUTH_BADCRED;
 			goto done;
 		}
-		memmove(aup->aup_machname, (caddr_t)buf, (u_int)str_len);
+		memmove(aup->aup_machname, buf, str_len);
 		aup->aup_machname[str_len] = 0;
 		str_len = RNDUP(str_len);
 		buf += str_len / BYTES_PER_XDR_UNIT;
@@@@ -104,7 +105,7 @@@@ gssrpc__svcauth_unix(
 		 * timestamp, hostname len (0), uid, gid, and gids len (0).
 		 */
 		if ((5 + gid_len) * BYTES_PER_XDR_UNIT + str_len > auth_len) {
-			(void) printf("bad auth_len gid %d str %d auth %d\n",
+			(void) printf("bad auth_len gid %u str %u auth %u\n",
 			    gid_len, str_len, auth_len);
 			stat = AUTH_BADCRED;
 			goto done;
@