Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=45e1e70834210b4bd7953e504cac87ca9ce3ea62

commit 45e1e70834210b4bd7953e504cac87ca9ce3ea62
Author: Miklos Vajna <vmik...@frugalware.org>
Date:   Mon Aug 22 01:27:58 2011 +0200

krb5-1.7.2-1-i686

- bump to latest 1.7.x
- closes #4256

diff --git a/source/lib-extra/krb5/CVE-2010-0628.patch 
b/source/lib-extra/krb5/CVE-2010-0628.patch
deleted file mode 100644
index 325ba93..0000000
--- a/source/lib-extra/krb5/CVE-2010-0628.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-Index: src/lib/gssapi/spnego/spnego_mech.c
-===================================================================
---- src/lib/gssapi/spnego/spnego_mech.c        (revision 23717)
-+++ src/lib/gssapi/spnego/spnego_mech.c        (working copy)
-@@ -1570,7 +1570,7 @@
-       spnego_gss_ctx_id_t sc = NULL;
-       spnego_gss_cred_id_t spcred = NULL;
-       OM_uint32 mechstat = GSS_S_FAILURE;
--      int sendTokenInit = 0;
-+      int sendTokenInit = 0, tmpret;
-
-       mechtok_in = mic_in = mic_out = GSS_C_NO_BUFFER;
-
-@@ -1603,7 +1603,6 @@
-               if (delegated_cred_handle != NULL)
-                       *delegated_cred_handle = GSS_C_NO_CREDENTIAL;
-               if (input_token->length == 0) {
--                      sendTokenInit = 1;
-                       ret = acc_ctx_hints(minor_status,
-                                           context_handle, spcred,
-                                           &mic_out,
-@@ -1611,6 +1610,7 @@
-                                           &return_token);
-                       if (ret != GSS_S_COMPLETE)
-                               goto cleanup;
-+                      sendTokenInit = 1;
-                       ret = GSS_S_CONTINUE_NEEDED;
-               } else {
-                       /* Can set negState to REQUEST_MIC */
-@@ -1658,29 +1658,23 @@
-                                &negState, &return_token);
-       }
- cleanup:
--      if (return_token != NO_TOKEN_SEND && return_token != CHECK_MIC) {
--              /* For acceptor-sends-first send a tokenInit */
--              int tmpret;
--
-+      if (return_token == INIT_TOKEN_SEND && sendTokenInit) {
-               assert(sc != NULL);
--
--              if (sendTokenInit) {
--                      tmpret = make_spnego_tokenInit_msg(sc,
--                                                         1,
--                                                         mic_out,
--                                                         0,
--                                                         GSS_C_NO_BUFFER,
--                                                         return_token,
--                                                         output_token);
--              } else {
--                      tmpret = make_spnego_tokenTarg_msg(negState,
--                                                         sc ? 
sc->internal_mech : GSS_C_NO_OID,
--                                                         &mechtok_out, 
mic_out,
--                                                         return_token,
--                                                         output_token);
--              }
-+              tmpret = make_spnego_tokenInit_msg(sc, 1, mic_out, 0,
-+                                                 GSS_C_NO_BUFFER,
-+                                                 return_token, output_token);
-               if (tmpret < 0)
-                       ret = GSS_S_FAILURE;
-+      } else if (return_token != NO_TOKEN_SEND &&
-+                 return_token != CHECK_MIC) {
-+              tmpret = make_spnego_tokenTarg_msg(negState,
-+                                                 sc ? sc->internal_mech :
-+                                                 GSS_C_NO_OID,
-+                                                 &mechtok_out, mic_out,
-+                                                 return_token,
-+                                                 output_token);
-+              if (tmpret < 0)
-+                      ret = GSS_S_FAILURE;
-       }
-       if (ret == GSS_S_COMPLETE) {
-               *context_handle = (gss_ctx_id_t)sc->ctx_handle;
diff --git a/source/lib-extra/krb5/FrugalBuild 
b/source/lib-extra/krb5/FrugalBuild
index 6257474..70ada18 100644
--- a/source/lib-extra/krb5/FrugalBuild
+++ b/source/lib-extra/krb5/FrugalBuild
@@ -2,22 +2,20 @@
# Maintainer: Michel Hermier <herm...@frugalware.org>

pkgname=krb5
-pkgver=1.7
-pkgrel=6
+pkgver=1.7.2
+pkgrel=1
pkgdesc="Kerberos: The Network Authentication Protocol"
url="http://web.mit.edu/kerberos/";
license="MIT licence"
depends=('e2fsprogs' 'db' 'openssl>=1.0.0')
makedepends=('perl')
-#makedepends=('postgresql>=8.2.1' 'mysql>=5.1.34')
rodepends=("libkrb5=$pkgver")
archs=('i686' 'ppc' 'x86_64' 'arm')
groups=('lib-extra')
up2date="echo $pkgver"
-source=(http://web.mit.edu/kerberos/dist/$pkgname/$pkgver/$pkgname-$pkgver-signed.tar
 \
-       CVE-2010-0628.patch openssl.diff)
-sha1sums=('0fe1b1cf9f8d4f5f5d7fdaf89326baf5c5adbc66' \
-          'cf5c69909e5f1edc745f222f62f6dc676a150778' \
+source=(http://web.mit.edu/kerberos/dist/$pkgname/1.7/$pkgname-$pkgver-signed.tar
 \
+       openssl.diff)
+sha1sums=('069238c79d0a4de95bdd2ca3b69f66d272da095e' \
'b35d8c4ec016d49a015f002e9345c23ae31126d2')
#signature=($source.asc)
#signatures=(http://web.mit.edu/kerberos/www/$pkgname-$pkgver/$pkgname-$pkgver.sig)
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git

Reply via email to