Hello community,

here is the log from the commit of package libheimdal for openSUSE:Factory checked in at 2018-01-19 11:51:04
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libheimdal (Old)
 and      /work/SRC/openSUSE:Factory/.libheimdal.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libheimdal" Fri Jan 19 11:51:04 2018 rev:7 rq:560559 version:7.5.0 Changes: -------- --- /work/SRC/openSUSE:Factory/libheimdal/libheimdal.changes 2017-12-08 13:02:09.299355476 +0100 +++ /work/SRC/openSUSE:Factory/.libheimdal.new/libheimdal.changes 2018-01-19 11:51:38.680074026 +0100 @@ -1,0 +2,22 @@ +Fri Dec 29 13:16:21 UTC 2017 - [email protected] + +- Update to version 7.5.0 + - Security + - Fix CVE-2017-17439, which is a remote denial of service + vulnerability: + In Heimdal 7.1 through 7.4, remote unauthenticated attackers + are able to crash the KDC by sending a crafted UDP packet + containing empty data fields for client name or realm. + - Bug fixes + - Handle long input lines when reloading database dumps. + - In pre-forked mode (default on Unix), correctly clear the + process ids of exited children, allowing new child processes + to replace the old. + - Fixed incorrect KDC response when no-cross realm TGT exists, + allowing client requests to fail quickly rather than time + out after trying to get a correct answer from each KDC. +- Fixed heimdal-patched.diff. +- Removed Avoid_NULL_structure_pointer_member_dereference.patch, + fixed upstream. + +------------------------------------------------------------------- Old: ---- Avoid_NULL_structure_pointer_member_dereference.patch heimdal-7.4.0-patched.tar.bz2 New: ---- heimdal-7.5.0-patched.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libheimdal.spec ++++++ --- /var/tmp/diff_new_pack.fE7uqJ/_old 2018-01-19 11:51:39.660027835 +0100 +++ /var/tmp/diff_new_pack.fE7uqJ/_new 2018-01-19 11:51:39.664027647 +0100 @@ -20,7 +20,7 @@ Summary: The Heimdal implementation of the Kerberos 5 protocol License: BSD-3-Clause Group: Productivity/Networking/Security -Version: 7.4.0 +Version: 7.5.0 Release: 0 Url: http://www.h5l.org # patched source can be created with script heimdal-patch-source.sh: 
@@ -28,7 +28,6 @@ Source0: heimdal-%{version}-patched.tar.bz2 Source2: heimdal-patch-source.sh Patch0: heimdal-patched.diff -Patch1: Avoid_NULL_structure_pointer_member_dereference.patch %if 0%{?sles_version} == 11 BuildRequires: libcom_err-devel BuildRequires: sqlite3-devel @@ -99,7 +98,6 @@ %prep %setup -q -n heimdal-%{version} %patch0 -p1 -%patch1 -p0 %build autoreconf -fi ++++++ heimdal-7.4.0-patched.tar.bz2 -> heimdal-7.5.0-patched.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/libheimdal/heimdal-7.4.0-patched.tar.bz2 /work/SRC/openSUSE:Factory/.libheimdal.new/heimdal-7.5.0-patched.tar.bz2 differ: char 11, line 1 ++++++ heimdal-patched.diff ++++++ --- /var/tmp/diff_new_pack.fE7uqJ/_old 2018-01-19 11:51:39.712025384 +0100 +++ /var/tmp/diff_new_pack.fE7uqJ/_new 2018-01-19 11:51:39.716025196 +0100 @@ -4,7 +4,7 @@ @@ -3,7 +3,6 @@ AC_PREREQ(2.62) test -z "$CFLAGS" && CFLAGS="-g" - AC_INIT([Heimdal],[7.4.0],[https://github.com/heimdal/heimdal/issues]) + AC_INIT([Heimdal],[7.5.0],[https://github.com/heimdal/heimdal/issues]) -AC_CONFIG_SRCDIR([kuser/kinit.c]) AC_CONFIG_HEADERS(include/config.h) AC_CONFIG_MACRO_DIR([cf])
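Review bot: "Fixed heimdal-patched.diff." in the new libheimdal.changes entry does not say what was wrong or what changed. The only change visible in heimdal-patched.diff is the AC_INIT context line moving from 7.4.0 to 7.5.0, so wording such as "Refreshed heimdal-patched.diff for 7.5.0" would describe it accurately. The CVE-2017-17439 item also carries no bug tracker reference next to the CVE id; add one if a tracking bug exists, so the fix can be traced from the changelog.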
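Review bot: Source0 in libheimdal.spec is a repacked tarball (heimdal-%{version}-patched.tar.bz2, which the spec comment says is created with heimdal-patch-source.sh), and this mail shows only "differ: char 11, line 1" for it, so the 7.4.0 to 7.5.0 source change that carries the CVE-2017-17439 fix cannot be reviewed from the diff. Suggest extending the spec comment above Source0 with the upstream tarball and checksum the script starts from, so a reviewer can regenerate the patched tarball and compare it with the one checked in.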
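Review bot: the inner hunk of heimdal-patched.diff removes AC_CONFIG_SRCDIR([kuser/kinit.c]) from the configure input, and nothing visible in the diff or in the changelog entry says why. Add a short header comment to heimdal-patched.diff giving the reason, so that the next version refresh can tell whether the removal is still needed rather than carrying it forward by updating the AC_INIT context line alone.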
