Hello community, here is the log from the commit of package krb5 for openSUSE:Factory checked in at 2016-04-06 11:50:34 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/krb5 (Old) and /work/SRC/openSUSE:Factory/.krb5.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "krb5" Changes: -------- --- /work/SRC/openSUSE:Factory/krb5/krb5-mini.changes 2016-02-25 21:52:25.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.krb5.new/krb5-mini.changes 2016-04-06 11:50:35.000000000 +0200 @@ -1,0 +2,17 @@ +Fri Apr 1 07:45:13 UTC 2016 - [email protected] + +- Upgrade from 1.14 to 1.14.1: + * Remove expired patches: + 0104-Verify-decoded-kadmin-C-strings-CVE-2015-8629.patch + 0105-Fix-leaks-in-kadmin-server-stubs-CVE-2015-8631.patch + 0106-Check-for-null-kadm5-policy-name-CVE-2015-8630.patch + krbdev.mit.edu-8301.patch + * Replace source archives: + krb5-1.14.tar.gz -> + krb5-1.14.1.tar.gz + krb5-1.14.tar.gz.asc -> + krb5-1.14.1.tar.gz.asc + * Adjust line numbers in: + krb5-fix_interposer.patch + +------------------------------------------------------------------- krb5.changes: same change Old: ---- 0104-Verify-decoded-kadmin-C-strings-CVE-2015-8629.patch 0105-Fix-leaks-in-kadmin-server-stubs-CVE-2015-8631.patch 0106-Check-for-null-kadm5-policy-name-CVE-2015-8630.patch krb5-1.14.tar.gz krb5-1.14.tar.gz.asc krbdev.mit.edu-8301.patch New: ---- krb5-1.14.1.tar.gz krb5-1.14.1.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ krb5-mini.spec ++++++ --- /var/tmp/diff_new_pack.sJh1ni/_old 2016-04-06 11:50:37.000000000 +0200 +++ /var/tmp/diff_new_pack.sJh1ni/_new 2016-04-06 11:50:37.000000000 +0200 @@ -16,7 +16,7 @@ # -%define srcRoot krb5-1.14 +%define srcRoot krb5-1.14.1 %define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/ %define krb5docdir %{_defaultdocdir}/krb5 @@ -29,7 +29,7 @@ BuildRequires: libcom_err-devel BuildRequires: libselinux-devel BuildRequires: ncurses-devel -Version: 1.14 +Version: 1.14.1 Release: 0 Summary: MIT Kerberos5 implementation and libraries with minimal dependencies License: MIT @@ -64,8 +64,6 @@ Patch11: krb5-1.12-ksu-path.patch Patch12: krb5-1.12-selinux-label.patch Patch13: krb5-1.9-debuginfo.patch -# see http://krbdev.mit.edu/rt/Ticket/Display.html?id=8301 -Patch14: krbdev.mit.edu-8301.patch Patch15: krb5-fix_interposer.patch Patch16: krb5-mechglue_inqure_attrs.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -112,7 +110,6 @@ %patch11 -p1 %patch12 -p1 %patch13 -p0 -%patch14 -p1 %patch15 -p1 %patch16 -p1 ++++++ krb5.spec ++++++ --- /var/tmp/diff_new_pack.sJh1ni/_old 2016-04-06 11:50:37.000000000 +0200 +++ /var/tmp/diff_new_pack.sJh1ni/_new 2016-04-06 11:50:37.000000000 +0200 @@ -16,10 +16,6 @@ # -%define srcRoot krb5-1.14 -%define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/ -%define krb5docdir %{_defaultdocdir}/krb5 - Name: krb5 Url: http://web.mit.edu/kerberos/www/ BuildRequires: autoconf @@ -29,7 +25,7 @@ BuildRequires: libcom_err-devel BuildRequires: libselinux-devel BuildRequires: ncurses-devel -Version: 1.14 +Version: 1.14.1 Release: 0 Summary: MIT Kerberos5 Implementation--Libraries License: MIT @@ -68,13 +64,8 @@ Patch11: krb5-1.12-ksu-path.patch Patch12: krb5-1.12-selinux-label.patch Patch13: krb5-1.9-debuginfo.patch -# see http://krbdev.mit.edu/rt/Ticket/Display.html?id=8301 -Patch14: krbdev.mit.edu-8301.patch Patch15: krb5-fix_interposer.patch Patch16: krb5-mechglue_inqure_attrs.patch -Patch104: 0104-Verify-decoded-kadmin-C-strings-CVE-2015-8629.patch -Patch105: 0105-Fix-leaks-in-kadmin-server-stubs-CVE-2015-8631.patch -Patch106: 0106-Check-for-null-kadm5-policy-name-CVE-2015-8630.patch Patch107: 0107-Fix-LDAP-null-deref-on-empty-arg-CVE-2016-3119.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: mktemp, grep, /bin/touch, coreutils @@ -170,6 +161,10 @@ practice of cleartext passwords. This package includes Libraries and Include Files for Development +%define srcRoot krb5-%{version} +%define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/ +%define krb5docdir %{_defaultdocdir}/krb5 + %prep %setup -q -n %{srcRoot} %setup -a 1 -T -D -n %{srcRoot} @@ -183,12 +178,8 @@ %patch11 -p1 %patch12 -p1 %patch13 -p0 -%patch14 -p1 %patch15 -p1 %patch16 -p1 -%patch104 -p1 -%patch105 -p1 -%patch106 -p1 %patch107 -p1 %build ++++++ krb5-1.14.tar.gz -> krb5-1.14.1.tar.gz ++++++ /work/SRC/openSUSE:Factory/krb5/krb5-1.14.tar.gz /work/SRC/openSUSE:Factory/.krb5.new/krb5-1.14.1.tar.gz differ: char 5, line 1 ++++++ krb5-fix_interposer.patch ++++++ --- /var/tmp/diff_new_pack.sJh1ni/_old 2016-04-06 11:50:37.000000000 +0200 +++ /var/tmp/diff_new_pack.sJh1ni/_new 2016-04-06 11:50:37.000000000 +0200 @@ -1,4 +1,4 @@ -From b3901af6970fb7bde88eb16d51c8d05db6f37746 Mon Sep 17 00:00:00 2001 +From a6b7ccabf383f1f667c5d2b549909dfd59df12f6 Mon Sep 17 00:00:00 2001 From: Simo Sorce <[email protected]> Date: Fri, 13 Nov 2015 14:54:11 -0500 Subject: [PATCH] Fix impersonate_name to work with interposers @@ -12,10 +12,6 @@ cleanup handler] ticket: 8280 (new) ---- - src/lib/gssapi/mechglue/g_acquire_cred_imp_name.c | 58 +++++++++++++++-------- - src/lib/gssapi/spnego/spnego_mech.c | 35 +++++++------- - 2 files changed, 54 insertions(+), 39 deletions(-) diff --git a/src/lib/gssapi/mechglue/g_acquire_cred_imp_name.c b/src/lib/gssapi/mechglue/g_acquire_cred_imp_name.c index 0dd4f87..9eab25e 100644 @@ -43,7 +39,7 @@ + mech = gssint_get_mechanism(selected_mech); if (!mech) return GSS_S_BAD_MECH; - else if (!mech->gss_acquire_cred) + else if (!mech->gss_acquire_cred_impersonate_name) @@ -367,27 +374,26 @@ gss_add_cred_impersonate_name(OM_uint32 *minor_status, internal_name = GSS_C_NO_NAME; } else { @@ -154,10 +150,10 @@ if (input_cred_handle == GSS_C_NO_CREDENTIAL && union_cred) free(union_cred); diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c -index e6703eb..28fb9b1 100644 +index 5f1ca33..bb754d9 100644 --- a/src/lib/gssapi/spnego/spnego_mech.c +++ b/src/lib/gssapi/spnego/spnego_mech.c -@@ -2619,10 +2619,10 @@ spnego_gss_acquire_cred_impersonate_name(OM_uint32 *minor_status, +@@ -2620,10 +2620,10 @@ spnego_gss_acquire_cred_impersonate_name(OM_uint32 *minor_status, gss_OID_set *actual_mechs, OM_uint32 *time_rec) { @@ -170,7 +166,7 @@ dsyslog("Entering spnego_gss_acquire_cred_impersonate_name\n"); -@@ -2634,31 +2634,30 @@ spnego_gss_acquire_cred_impersonate_name(OM_uint32 *minor_status, +@@ -2635,31 +2635,30 @@ spnego_gss_acquire_cred_impersonate_name(OM_uint32 *minor_status, imp_spcred = (spnego_gss_cred_id_t)impersonator_cred_handle; imp_mcred = imp_spcred ? imp_spcred->mcred : GSS_C_NO_CREDENTIAL; @@ -218,5 +214,5 @@ return (status); } -- -2.6.2 +2.7.4
