author | Cy Schubert <cy@FreeBSD.org> | 2008-03-19 19:26:53 +0000 |
---|---|---|
committer | Cy Schubert <cy@FreeBSD.org> | 2008-03-19 19:26:53 +0000 |
commit | 14ff4ec24cf8ca0a73ab4cc8b4c533a8a56f4e03 (patch) | |
tree | 7ce28225a2c4e61b94488e687669ed737a00901b /security/krb5-16 | |
parent | - Use USE_GL instead of depending directly on glut (diff) |
Fixes for multiple vulnerabilities.
Security: US-CERT Technical Cyber Security Alert TA08-079B --
MIT Kerberos Updates for Multiple Vulnerabilities
US-CERT Vulnerability Note VU#895609,
US-CERT Vulnerability Note VU#374121
MIT krb5 Security Advisory 2008-001
MIT krb5 Security Advisory 2008-002
Notes
Notes:
svn path=/head/; revision=209396
Diffstat (limited to 'security/krb5-16')
-rw-r--r-- | security/krb5-16/Makefile | 5 | ||||
-rw-r--r-- | security/krb5-16/distinfo | 3 | ||||
-rw-r--r-- | security/krb5-16/files/patch-lib-rpc-svc.c | 24 | ||||
-rw-r--r-- | security/krb5-16/files/patch-lib-rpc-svc_tcp.c | 51 |
4 files changed, 82 insertions, 1 deletions
diff --git a/security/krb5-16/Makefile b/security/krb5-16/Makefile
index 118709df5859..1ab490d7c599 100644
--- a/security/krb5-16/Makefile
+++ b/security/krb5-16/Makefile
@@ -7,11 +7,14 @@
 PORTNAME= krb5
 PORTVERSION= 1.6.3
-PORTREVISION= 4
+PORTREVISION= 5
 CATEGORIES= security
 MASTER_SITES= http://web.mit.edu/kerberos/dist/krb5/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/
+PATCH_SITES= http://web.mit.edu/kerberos/advisories/
 DISTNAME= ${PORTNAME}-${PORTVERSION}-signed
 EXTRACT_SUFX= .tar
+PATCHFILES= 2008-001-patch.txt
+PATCH_DIST_STRIP= -p1
 MAINTAINER= cy@FreeBSD.org
 COMMENT= An authentication system developed at MIT, successor to Kerberos IV
diff --git a/security/krb5-16/distinfo b/security/krb5-16/distinfo
index f9332216ac64..76109873f356 100644
--- a/security/krb5-16/distinfo
+++ b/security/krb5-16/distinfo
@@ -1,3 +1,6 @@
 MD5 (krb5-1.6.3-signed.tar) = 2dc1307686eb1c2bf1ab08ea805dad46
 SHA256 (krb5-1.6.3-signed.tar) = 7a1bd7d4bd326828c8ee382ed2b69ccd6c58762601df897d6a32169d84583d2a
 SIZE (krb5-1.6.3-signed.tar) = 11909120
+MD5 (2008-001-patch.txt) = 3bbb7a6a7738c086f5d5dfcf09da9cbb
+SHA256 (2008-001-patch.txt) = 4d02be765ff12d21ddf1cfa170e5ff4067e9c364a401d7e06ece329566139736
+SIZE (2008-001-patch.txt) = 10854
diff --git a/security/krb5-16/files/patch-lib-rpc-svc.c b/security/krb5-16/files/patch-lib-rpc-svc.c
new file mode 100644
index 000000000000..395039040b04
--- /dev/null
+++ b/security/krb5-16/files/patch-lib-rpc-svc.c
@@ -0,0 +1,24 @@
+=== lib/rpc/svc.c
+==================================================================
+--- lib/rpc/svc.c (revision 1666)
++++ lib/rpc/svc.c (local)
+@@ -109,15 +109,17 @@
+ if (sock < FD_SETSIZE) {
+ xports[sock] = xprt;
+ FD_SET(sock, &svc_fdset);
++ if (sock > svc_maxfd)
++ svc_maxfd = sock;
+ }
+ #else
+ if (sock < NOFILE) {
+ xports[sock] = xprt;
+ svc_fds |= (1 << sock);
++ if (sock > svc_maxfd)
++ svc_maxfd = sock;
+ }
+ #endif /* def FD_SETSIZE */
+- if (sock > svc_maxfd)
+- svc_maxfd = sock;
+ }
+ 
+ /*
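Review bot: In the lib/rpc/svc.c patch the registration guards `if (sock < FD_SETSIZE)` and `if (sock < NOFILE)` still have no lower bound, so if `sock` is a signed int (its declaration is outside the hunk) a negative descriptor would index `xports[]` before the array and reach `FD_SET`; `if (sock >= 0 && sock < FD_SETSIZE)` closes that. Moving the `svc_maxfd` update inside the guard keeps it from exceeding the table, but an out-of-range descriptor is now dropped with no signal to the caller, which deserves a comment such as `/* out-of-range descriptors are not registered; callers must reject them before calling */`. In the non-FD_SETSIZE branch `1 << sock` is a signed shift and is undefined once sock reaches the top bit of int, so `1U << sock` would be safer. The enclosing function begins and ends outside the hunk.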
diff --git a/security/krb5-16/files/patch-lib-rpc-svc_tcp.c b/security/krb5-16/files/patch-lib-rpc-svc_tcp.c
new file mode 100644
index 000000000000..9c51fafc62bf
--- /dev/null
+++ b/security/krb5-16/files/patch-lib-rpc-svc_tcp.c
@@ -0,0 +1,51 @@
+=== lib/rpc/svc_tcp.c
+==================================================================
+--- lib/rpc/svc_tcp.c (revision 1666)
++++ lib/rpc/svc_tcp.c (local)
+@@ -54,6 +54,14 @@
+ extern errno;
+ */
+ 
++#ifndef FD_SETSIZE
++#ifdef NBBY
++#define NOFILE (sizeof(int) * NBBY)
++#else
++#define NOFILE (sizeof(int) * 8)
++#endif
++#endif
++
+ /*
+ * Ops vector for TCP/IP based rpc service handle
+ */
+@@ -215,6 +223,19 @@
+ register SVCXPRT *xprt;
+ register struct tcp_conn *cd;
+ 
++#ifdef FD_SETSIZE
++ if (fd >= FD_SETSIZE) {
++ (void) fprintf(stderr, "svc_tcp: makefd_xprt: fd too high\n");
++ xprt = NULL;
++ goto done;
++ }
++#else
++ if (fd >= NOFILE) {
++ (void) fprintf(stderr, "svc_tcp: makefd_xprt: fd too high\n");
++ xprt = NULL;
++ goto done;
++ }
++#endif
+ xprt = (SVCXPRT *)mem_alloc(sizeof(SVCXPRT));
+ if (xprt == (SVCXPRT *)NULL) {
+ (void) fprintf(stderr, "svc_tcp: makefd_xprt: out of memory\n");
+@@ -271,6 +292,10 @@
+ * make a new transporter (re-uses xprt)
+ */
+ xprt = makefd_xprt(sock, r->sendsize, r->recvsize);
++ if (xprt == NULL) {
++ close(sock);
++ return (FALSE);
++ }
+ xprt->xp_raddr = addr;
+ xprt->xp_addrlen = len;
+ xprt->xp_laddr = laddr;
+
|
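Review bot: The fallback `NOFILE` in the lib/rpc/svc_tcp.c patch is defined without an `#ifndef NOFILE` guard, so it can collide with a system definition or drift from the limit lib/rpc/svc.c uses in its own `#else` branch (that definition is not visible here); if the two files disagree, makefd_xprt would accept a descriptor that registration then silently drops. Wrapping the definition in `#ifndef NOFILE` and adding a comment that it must match svc.c would make the coupling explicit. The descriptor check itself is written out twice with identical bodies and rejects only the upper bound; a single test such as `if (fd < 0 || fd >= FD_SETSIZE)` against one limit macro would also cover a negative fd. makefd_xprt and its `done` label extend outside the hunk, and since it can now return NULL for a reason other than allocation failure, any caller other than the accept path patched in the last inner hunk should be checked for the same NULL test.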