head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.8 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.6 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.4 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.2 pkgsrc-2011Q2-base:1.2 pkgsrc-2010Q4:1.1.0.16 pkgsrc-2010Q4-base:1.1 pkgsrc-2010Q3:1.1.0.14 pkgsrc-2010Q3-base:1.1 pkgsrc-2010Q2:1.1.0.12 pkgsrc-2010Q2-base:1.1 pkgsrc-2010Q1:1.1.0.10 pkgsrc-2010Q1-base:1.1 pkgsrc-2009Q4:1.1.0.8 pkgsrc-2009Q4-base:1.1 pkgsrc-2009Q3:1.1.0.6 pkgsrc-2009Q3-base:1.1 pkgsrc-2009Q2:1.1.0.4 pkgsrc-2009Q2-base:1.1 pkgsrc-2009Q1:1.1.0.2; locks; strict; comment @# @; 1.2 date 2011.03.22.23.31.05; author tez; state dead; branches; next 1.1; 1.1 date 2009.04.21.18.58.18; author tez; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2009.04.21.18.58.18; author tron; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2009.04.23.20.38.05; author tron; state Exp; branches; next ; desc @@ 1.2 log @Update MIT Kerberos to v1.8.3 with the latest security patches up to and including MITKRB5-SA-2011-003. Please see http://web.mit.edu/kerberos/ for the change logs since v1.4.2 Note that the r-services, telnetd and ftpd services and the related client applications are now in a separate pacakge security/mit-krb5-appl. @ text @--- tests/asn.1/krb5_decode_test.c.orig 2009-04-17 16:25:31.678326000 -0500 +++ tests/asn.1/krb5_decode_test.c 2009-04-17 16:26:03.499429900 -0500 @@@@ -485,6 +485,22 @@@@ ktest_destroy_keyblock(&(ref.subkey)); ref.seq_number = 0; decode_run("ap_rep_enc_part","(optionals NULL)","7B 1C 30 1A A0 11 18 0F 31 39 39 34 30 36 31 30 30 36 30 33 31 37 5A A1 05 02 03 01 E2 40",decode_krb5_ap_rep_enc_part,ktest_equal_ap_rep_enc_part,krb5_free_ap_rep_enc_part); + + retval = krb5_data_hex_parse(&code, "7B 06 30 04 A0 11 18 0F 31 39 39 34 30 36 31 30 30 36 30 33 31 37 5A A1 05 02 03 01 E2 40"); + if (retval) { + com_err("krb5_decode_test", retval, "while parsing"); + exit(1); + } + retval = decode_krb5_ap_rep_enc_part(&code, &var); + if (retval != ASN1_OVERRUN) { + printf("ERROR: "); + } else { + printf("OK: "); + } + printf("ap_rep_enc_part(optionals NULL + expect ASN1_OVERRUN for inconsistent length of timestamp)\n"); + krb5_free_data_contents(test_context, &code); + krb5_free_ap_rep_enc_part(test_context, var); + ktest_empty_ap_rep_enc_part(&ref); } @ 1.1 log @Add patches for CVE-2009-0846 & CVE-2009-0847 approved by agc @ text @@ 1.1.2.1 log @file patch-bp was added on branch pkgsrc-2009Q1 on 2009-04-23 20:38:05 +0000 @ text @d1 25 @ 1.1.2.2 log @Pullup ticket #2747 - requested by tez mit-krb5: security patch Revisions pulled up: - security/mit-krb5/Makefile 1.45 - security/mit-krb5/distinfo 1.22 - security/mit-krb5/patches/patch-bn 1.1 - security/mit-krb5/patches/patch-bo 1.1 - security/mit-krb5/patches/patch-bp 1.1 --- Module Name: pkgsrc Committed By: tez Date: Tue Apr 21 18:58:18 UTC 2009 Modified Files: pkgsrc/security/mit-krb5: Makefile distinfo Added Files: pkgsrc/security/mit-krb5/patches: patch-bn patch-bo patch-bp Log Message: Add patches for CVE-2009-0846 & CVE-2009-0847 approved by agc @ text @a0 25 --- tests/asn.1/krb5_decode_test.c.orig 2009-04-17 16:25:31.678326000 -0500 +++ tests/asn.1/krb5_decode_test.c 2009-04-17 16:26:03.499429900 -0500 @@@@ -485,6 +485,22 @@@@ ktest_destroy_keyblock(&(ref.subkey)); ref.seq_number = 0; decode_run("ap_rep_enc_part","(optionals NULL)","7B 1C 30 1A A0 11 18 0F 31 39 39 34 30 36 31 30 30 36 30 33 31 37 5A A1 05 02 03 01 E2 40",decode_krb5_ap_rep_enc_part,ktest_equal_ap_rep_enc_part,krb5_free_ap_rep_enc_part); + + retval = krb5_data_hex_parse(&code, "7B 06 30 04 A0 11 18 0F 31 39 39 34 30 36 31 30 30 36 30 33 31 37 5A A1 05 02 03 01 E2 40"); + if (retval) { + com_err("krb5_decode_test", retval, "while parsing"); + exit(1); + } + retval = decode_krb5_ap_rep_enc_part(&code, &var); + if (retval != ASN1_OVERRUN) { + printf("ERROR: "); + } else { + printf("OK: "); + } + printf("ap_rep_enc_part(optionals NULL + expect ASN1_OVERRUN for inconsistent length of timestamp)\n"); + krb5_free_data_contents(test_context, &code); + krb5_free_ap_rep_enc_part(test_context, var); + ktest_empty_ap_rep_enc_part(&ref); } @