summaryrefslogtreecommitdiff
path: root/security/krb5/files (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove redundant length check.Cy Schubert2009-08-281-11/+0
|
* -Repocopy devel/libtool15 -> libtool22 and libltdl15 -> libltdl22.Jeremy Messenger2009-08-021-8/+5
| | | | | | | | | | | | | | | | | | -Update libtool and libltdl to 2.2.6a. -Remove devel/libtool15 and devel/libltdl15. -Fix ports build with libtool22/libltdl22. -Bump ports that depend on libltdl22 due to shared library version change. -Explain what to do update in the UPDATING. It has been tested with GNOME2, XFCE4, KDE3, KDE4 and other many wm/desktop and applications in the runtime. With help: marcus and kwm Pointyhat-exp: a few times by pav Tested by: pgollucci, "Romain Tartière" <romain@blogreen.org>, and a few MarcusCom CVS users. Also, I might have missed a few. Repocopy by: marcus Approved by: portmgr
* Fixes for multiple vulnerabilities.Cy Schubert2008-03-192-0/+75
| | | | | | | | | Security: US-CERT Technical Cyber Security Alert TA08-079B -- MIT Kerberos Updates for Multiple Vulnerabilities US-CERT Vulnerability Note VU#895609, US-CERT Vulnerability Note VU#374121 MIT krb5 Security Advisory 2008-001 MIT krb5 Security Advisory 2008-002
* Fix build under 7.0-PRERELEASE.Cy Schubert2007-10-291-0/+11
|
* Fix erroneous patch.Cy Schubert2007-10-251-4/+6
| | | | | PR: 117469 Submitted by: Karen Andrews <dearmiss@optusnet.com.au>
* Remove defunct (zero length) patch files.Cy Schubert2007-05-022-0/+0
| | | | Pointy hat to: yours truly
* Update from 1.6 to 1.6.1.Cy Schubert2007-04-2314-945/+0
|
* MIT KRB5 Security patches:Cy Schubert2007-04-0413-0/+903
| | | | | | | | | | 1. MIT krb5 Security Advisory 2007-001: Telnetd allows login as arbitrary user CVE: CVE-2007-0956 CERT: VU#220816 2. MIT krb5 Security Advisory 2007-002: KDC, kadmind stack overflow in krb5_klog_syslog CVE: CVE-2007-0957 CERT: VU#704024
* Fix double-free vulnerability in kadmind (via GSS-API library).Cy Schubert2007-04-041-0/+15
| | | | | Obtained from: MIT krb5 Security Advisory 2007-003 Security: US-CERT Technical Cyber Security Alert TA07-093B -- MIT Kerberos Vulnerabilities
* - Fix after objformat removalPav Lucistnik2007-03-281-12/+16
| | | | Reported by: pointyhat
* Update 1.5.1 --> 1.6Cy Schubert2007-01-102-16/+4
| | | | | Security: MITKRB5-SA-2006-002, MITKRB5-SA-2006-003, and US-CERT Technical Cyber Security Alert TA07-009B
* Update krb5-1.5 --> krb5-1.5.1Cy Schubert2006-09-1713-336/+10
| | | | Submitted by: Paul Vixie <paul@vix.com>
* Cause the KDC to also listen on the loopback interface. This is usefulCy Schubert2006-07-161-0/+75
| | | | | for situations when the database is replicated to a secure environment that does not have network access, by hand.
* Fix plugin loader. This fixes krb5kdc and kdb5_util.Cy Schubert2006-07-1612-0/+336
|
* Update 1.4.3 --> 1.5Cy Schubert2006-07-142-7/+8
|
* Conversion to a single libtool environment.Ade Lovett2006-02-231-1/+1
| | | | Approved by: portmgr (kris)
* Improve runtime performance on Sparc 64 platform.Cy Schubert2005-11-251-4/+11
|
* Fix FreeBSD-4.11 build problemCy Schubert2005-11-081-0/+14
| | | | PR: 87888
* Fix makeinfo problem under FreeBSD-6.0.Cy Schubert2005-11-011-2/+3
|
* Update 1.4.1 --> 1.4.2Cy Schubert2005-10-042-29/+0
|
* Fix:Cy Schubert2005-07-122-0/+29
| | | | | | - MIT KRB5 Security Advisory 2005-002: Buffer overflow, heap corruption in KDC - MIT KRB5 Security Advisory 2005-003: Double free in krb5_recvauth
* Update 1.4 --> 1.4.1.Cy Schubert2005-04-231-95/+0
| | | | Package list fixup when KRB5_KRB4_COMPAT is not specified.
* Update 1.3.6 --> 1.4Cy Schubert2005-04-134-27/+5
|
* Implement a fix for MITKRB5-SA-2005-001: buffer overflows in telnet client.Cy Schubert2005-03-311-0/+95
| | | | | Approved by: portsmgr (krion) Obtained from: Tom Yu <tlyu@mit.edu> on kerberos-announce
* Update 1.3.4 --> 1.3.5Cy Schubert2004-10-203-44/+0
|
* Fix MIT krb5 Security Advisory 2004-002: double-free vulnerabilitiesCy Schubert2004-09-012-0/+31
| | | | | | in KDC and libraries Heads-up by: nectar
* Fix MITKRB5-SA-2004-003: ASN.1 decoder denial-of-service.Cy Schubert2004-09-011-0/+13
| | | | Heads-up by: nectar
* Update KRB5 1.3.3 --> 1.3.4Cy Schubert2004-06-111-165/+0
|
* Updated patch for MITKRB5-SA-2004-001: krb5_aname_to_localname buffer overrun.Cy Schubert2004-06-041-11/+13
| | | | Obtained from: Tom Yu <tlyu@mit.edu> on BUGTRAQ
* Fix MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localnameCy Schubert2004-06-021-0/+163
| | | | Obtained from: Tom Yu <tlyu@MIT.EDU> on kerberos-announce list
* Change to src/include/netdb.h 1.31 caused a compile error. ThisCy Schubert2004-01-252-0/+27
| | | | | | commit fixes that error. Reported by: bento
* 1. Fix pkg-plist.Cy Schubert2003-11-081-7/+0
| | | | | | 2. Fix build on -STABLE. PR: 57128
* Patch to fix compiles under -STABLE (RELENG_4).Cy Schubert2003-09-101-2/+12
| | | | | PR: 56169 Submitted by: Sergey Matveychuk <sem@ciam.ru>
* Update 1.2.8 --> 1.3Cy Schubert2003-08-0838-682/+228
|
* Put SONAME entries into shared libraries.Cy Schubert2003-05-0725-0/+450
| | | | Submitted by: wollman
* Update 1.2.7 --> 1.2.8.Cy Schubert2003-05-0715-768/+0
|
* Patches from:Cy Schubert2003-03-2118-0/+838
| | | | | | | | | | | | | | | | | - MITKRB5-SA-2003-005: Buffer overrun and underrun in principal name handling - MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4 protocol; KDC and realm compromise possible. - MITKRB5-SA-2003-003: Faulty length checks in xdrmem_getbytes may allow kadmind DoS. - Additional patches from RedHat. Approved by: kris (wearing his portmgr hat) Obtained from: MIT Website and Nalin Dahyabhai <nalin@redhat.com>
* Update 1.2.6 --> 1.2.7Cy Schubert2002-11-161-26/+0
| | | | | Note: Since crypto-publish.org does not yet have krb5-1.2.7 up on their website, fetch from their site has been temporarily disabled.
* Fix buffer overflow in kadmind4 (remote user can gain root access toCy Schubert2002-10-231-0/+26
| | | | | | | KDC host). Obtained from: Tom Yu <tlyu@mit.edu> on kerberos-announce mailing list, MIT krb5 Security Advisory 2002-002
* Update 1.2.5 --> 1.2.6Cy Schubert2002-09-132-36/+0
| | | | | Note: Since crypto-publish.org does not yet have krb5-1.2.6 up on their website, fetch from their site has been temporarily disabled.
* Correct Sun RPC buffer overflow.Jacques Vidrine2002-08-021-0/+20
| | | | | <URL:http://online.securityfocus.com/archive/1/285308> <URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823>
* Fix problem with V4 keys. We should get KRB5_KDB_NO_MATCHING_KEY, notCy Schubert2002-06-261-0/+16
| | | | | | | | ENOENT. Obtained from /cvs/krbdev/krb5/src/kdc/kdc_preauth.c,v rev 5.31 in MIT KRB5 tree (fix etype info; wrong termination condition used in get_etype_info). Obtained from: Sam Hartman <hartmans@mit.edu>
* Update 1.2.2 -> 1.2.3Cy Schubert2002-01-1610-1595/+52
|
* In order to make the MIT KRB5 port compatible with FreeBSD, the portCy Schubert2002-01-085-0/+110
| | | | | | | | | | | now makes use of login.conf and login.access. This is performed by using FreeBSD login(1) instead of MIT KRB5 login.krb5(8). The MIT KRB5 login.krb5(8) can still be used by specifying "-L" in the klogind and telnetd arguments in inetd.conf. This is documented in a new file called README.FreeBSD. Reviewed by: nectar
* = Modify `ksu' so that it uses the login cap database. Michael AllmanJacques Vidrine2001-09-071-25/+82
| | | | | | | | | | <msa@dinosauricon.com> provided the original patches. = For users outside of the US, point to www.crypto-publish.org for the distfiles. It was Chris Knight <chris@aims.com.au>'s idea. Submitted by: Cy.Schubert@uumail.gov.bc.ca (MAINTAINER) PR: ports/29865
* Update telnetd vulnerability fixes from FreeBSD.Jacques Vidrine2001-07-241-0/+11
| | | | Submitted by: Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
* Update telnetd vulnerability fixes from FreeBSD.Jacques Vidrine2001-07-244-28/+102
| | | | Submitted by: Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
* Merge telnetd vulnerability fix from FreeBSD.Jacques Vidrine2001-07-206-0/+1218
| | | | Submitted by: Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
* Security fix:Jacques Vidrine2001-04-271-0/+19
| | | | | | | | ``Buffer overflows exist in the FTP daemon included with MIT krb5.'' See <URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf.txt> and <URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf_122_patch.txt>. Obtained from: MIT Kerberos mailing list
* Security fix:Jacques Vidrine2001-04-271-3/+273
| | | | | | | | ``Buffer overflows exist in the FTP daemon included with MIT krb5.'' See <URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf.txt> and <URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf_122_patch.txt>. Obtained from: MIT Kerberos mailing list
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-13 08:33:34 +0000