head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.8 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.6 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.4 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.2 pkgsrc-2011Q2-base:1.2 pkgsrc-2010Q4:1.1.0.16 pkgsrc-2010Q4-base:1.1 pkgsrc-2010Q3:1.1.0.14 pkgsrc-2010Q3-base:1.1 pkgsrc-2010Q2:1.1.0.12 pkgsrc-2010Q2-base:1.1 pkgsrc-2010Q1:1.1.0.10 pkgsrc-2010Q1-base:1.1 pkgsrc-2009Q4:1.1.0.8 pkgsrc-2009Q4-base:1.1 pkgsrc-2009Q3:1.1.0.6 pkgsrc-2009Q3-base:1.1 pkgsrc-2009Q2:1.1.0.4 pkgsrc-2009Q2-base:1.1 pkgsrc-2009Q1:1.1.0.2; locks; strict; comment @# @; 1.2 date 2011.03.22.23.31.04; author tez; state dead; branches; next 1.1; 1.1 date 2009.04.21.18.58.18; author tez; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2009.04.21.18.58.18; author tron; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2009.04.23.20.38.05; author tron; state Exp; branches; next ; desc @@ 1.2 log @Update MIT Kerberos to v1.8.3 with the latest security patches up to and including MITKRB5-SA-2011-003. Please see http://web.mit.edu/kerberos/ for the change logs since v1.4.2 Note that the r-services, telnetd and ftpd services and the related client applications are now in a separate pacakge security/mit-krb5-appl. @ text @--- lib/krb5/asn.1/asn1buf.c.orig 2009-04-17 16:07:27.348357800 -0500 +++ lib/krb5/asn.1/asn1buf.c 2009-04-17 16:23:10.726869700 -0500 @@@@ -78,11 +78,11 @@@@ asn1_error_code asn1buf_imbed(asn1buf *subbuf, const asn1buf *buf, const unsigned int length, const int indef) { + if (buf->next > buf->bound + 1) return ASN1_OVERRUN; subbuf->base = subbuf->next = buf->next; if (!indef) { + if (length > (size_t)(buf->bound + 1 - buf->next)) return ASN1_OVERRUN; subbuf->bound = subbuf->base + length - 1; - if (subbuf->bound > buf->bound) - return ASN1_OVERRUN; } else /* constructed indefinite */ subbuf->bound = buf->bound; return 0; @@@@ -200,6 +200,7 @@@@ { int i; + if (buf->next > buf->bound + 1) return ASN1_OVERRUN; if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN; if (len == 0) { *s = 0; @@@@ -218,6 +219,7 @@@@ { int i; + if (buf->next > buf->bound + 1) return ASN1_OVERRUN; if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN; if (len == 0) { *s = 0; @ 1.1 log @Add patches for CVE-2009-0846 & CVE-2009-0847 approved by agc @ text @@ 1.1.2.1 log @file patch-bn was added on branch pkgsrc-2009Q1 on 2009-04-23 20:38:05 +0000 @ text @d1 32 @ 1.1.2.2 log @Pullup ticket #2747 - requested by tez mit-krb5: security patch Revisions pulled up: - security/mit-krb5/Makefile 1.45 - security/mit-krb5/distinfo 1.22 - security/mit-krb5/patches/patch-bn 1.1 - security/mit-krb5/patches/patch-bo 1.1 - security/mit-krb5/patches/patch-bp 1.1 --- Module Name: pkgsrc Committed By: tez Date: Tue Apr 21 18:58:18 UTC 2009 Modified Files: pkgsrc/security/mit-krb5: Makefile distinfo Added Files: pkgsrc/security/mit-krb5/patches: patch-bn patch-bo patch-bp Log Message: Add patches for CVE-2009-0846 & CVE-2009-0847 approved by agc @ text @a0 32 --- lib/krb5/asn.1/asn1buf.c.orig 2009-04-17 16:07:27.348357800 -0500 +++ lib/krb5/asn.1/asn1buf.c 2009-04-17 16:23:10.726869700 -0500 @@@@ -78,11 +78,11 @@@@ asn1_error_code asn1buf_imbed(asn1buf *subbuf, const asn1buf *buf, const unsigned int length, const int indef) { + if (buf->next > buf->bound + 1) return ASN1_OVERRUN; subbuf->base = subbuf->next = buf->next; if (!indef) { + if (length > (size_t)(buf->bound + 1 - buf->next)) return ASN1_OVERRUN; subbuf->bound = subbuf->base + length - 1; - if (subbuf->bound > buf->bound) - return ASN1_OVERRUN; } else /* constructed indefinite */ subbuf->bound = buf->bound; return 0; @@@@ -200,6 +200,7 @@@@ { int i; + if (buf->next > buf->bound + 1) return ASN1_OVERRUN; if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN; if (len == 0) { *s = 0; @@@@ -218,6 +219,7 @@@@ { int i; + if (buf->next > buf->bound + 1) return ASN1_OVERRUN; if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN; if (len == 0) { *s = 0; @