commit krb5 for openSUSE:Factory

h_root Wed, 03 Sep 2014 11:09:56 -0700

Hello community,

here is the log from the commit of package krb5 for openSUSE:Factory checked in 
at 2014-09-03 18:21:36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/krb5 (Old)
 and      /work/SRC/openSUSE:Factory/.krb5.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "krb5"

Changes:
--------
--- /work/SRC/openSUSE:Factory/krb5/krb5-mini.changes   2014-08-20 
17:53:42.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.krb5.new/krb5-mini.changes      2014-09-03 
20:09:20.000000000 +0200
@@ -1,0 +2,33 @@
+Sat Aug 30 22:29:28 UTC 2014 - andreas.stie...@gmx.de
+
+- krb5 5.12.2:
+  * Work around a gcc optimizer bug that could cause DB2 KDC
+    database operations to spin in an infinite loop
+  * Fix a backward compatibility problem with the LDAP KDB schema
+    that could prevent krb5-1.11 and later from decoding entries
+    created by krb5-1.6.
+  * Avoid an infinite loop under some circumstances when the GSS
+    mechglue loads a dynamic mechanism.
+  * Fix krb5kdc argument parsing so "-w" and "-r" options work
+    togetherreliably.
+- Vulnerability fixes previously fixed in package via patches:
+  * Handle certain invalid RFC 1964 GSS tokens correctly to avoid
+    invalid memory reference vulnerabilities.  [CVE-2014-4341
+    CVE-2014-4342]
+  * Fix memory management vulnerabilities in GSSAPI SPNEGO.
+    [CVE-2014-4343 CVE-2014-4344]
+  * Fix buffer overflow vulnerability in LDAP KDB back end.
+    [CVE-2014-4345]
+- updated patches:
+  * krb5-1.7-doublelog.patch for context change
+  * krb5-1.6.3-ktutil-manpage.dif, same
+- removed patches, in upstream:
+  * krb5-master-keyring-kdcsync.patch
+  * krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch
+  * krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch
+  * krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch
+  * krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch
+- Fix build with doxygen 1.8.8 - adding krb5-1.12-doxygen.patch
+  from upstream
+
+-------------------------------------------------------------------
krb5.changes: same change

Old:
----
  krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch
  krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch
  krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch
  krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch
  krb5-1.12.1.tar.gz
  krb5-master-keyring-kdcsync.patch

New:
----
  krb5-1.12-doxygen.patch
  krb5-1.12.2.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ krb5-mini.spec ++++++
--- /var/tmp/diff_new_pack.1diBgX/_old  2014-09-03 20:09:22.000000000 +0200
+++ /var/tmp/diff_new_pack.1diBgX/_new  2014-09-03 20:09:22.000000000 +0200
@@ -17,7 +17,7 @@
 
 
 %define build_mini 1
-%define srcRoot krb5-1.12.1
+%define srcRoot krb5-1.12.2
 %define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
 %define krb5docdir  %{_defaultdocdir}/krb5
 
@@ -30,7 +30,7 @@
 BuildRequires:  libcom_err-devel
 BuildRequires:  libselinux-devel
 BuildRequires:  ncurses-devel
-Version:        1.12.1
+Version:        1.12.2
 Release:        0
 Summary:        MIT Kerberos5 Implementation--Libraries
 License:        MIT
@@ -82,11 +82,7 @@
 Patch12:        krb5-1.12-selinux-label.patch
 Patch13:        krb5-1.9-debuginfo.patch
 Patch14:        krb5-kvno-230379.patch
-Patch15:        krb5-master-keyring-kdcsync.patch
-Patch16:        krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch
-Patch17:        krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch
-Patch18:        krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch
-Patch19:        
krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch
+Patch20:        krb5-1.12-doxygen.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         mktemp, grep, /bin/touch, coreutils
 PreReq:         %fillup_prereq 
@@ -206,11 +202,7 @@
 %patch12 -p1
 %patch13 -p0
 %patch14 -p1
-%patch15 -p1
-%patch16 -p1
-%patch17 -p1
-%patch18 -p1
-%patch19 -p1
+%patch20 -p1
 
 %build
 # needs to be re-generated

++++++ krb5.spec ++++++
--- /var/tmp/diff_new_pack.1diBgX/_old  2014-09-03 20:09:22.000000000 +0200
+++ /var/tmp/diff_new_pack.1diBgX/_new  2014-09-03 20:09:22.000000000 +0200
@@ -17,7 +17,7 @@
 
 
 %define build_mini 0
-%define srcRoot krb5-1.12.1
+%define srcRoot krb5-1.12.2
 %define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
 %define krb5docdir  %{_defaultdocdir}/krb5
 
@@ -30,7 +30,7 @@
 BuildRequires:  libcom_err-devel
 BuildRequires:  libselinux-devel
 BuildRequires:  ncurses-devel
-Version:        1.12.1
+Version:        1.12.2
 Release:        0
 Summary:        MIT Kerberos5 Implementation--Libraries
 License:        MIT
@@ -82,11 +82,7 @@
 Patch12:        krb5-1.12-selinux-label.patch
 Patch13:        krb5-1.9-debuginfo.patch
 Patch14:        krb5-kvno-230379.patch
-Patch15:        krb5-master-keyring-kdcsync.patch
-Patch16:        krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch
-Patch17:        krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch
-Patch18:        krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch
-Patch19:        
krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch
+Patch20:        krb5-1.12-doxygen.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         mktemp, grep, /bin/touch, coreutils
 PreReq:         %fillup_prereq 
@@ -206,11 +202,7 @@
 %patch12 -p1
 %patch13 -p0
 %patch14 -p1
-%patch15 -p1
-%patch16 -p1
-%patch17 -p1
-%patch18 -p1
-%patch19 -p1
+%patch20 -p1
 
 %build
 # needs to be re-generated

++++++ krb5-1.12-doxygen.patch ++++++
commit b7a4d695263f1a5b7fe72b1eadce4acdc3f0490b
From: Ben Kaduk <ka...@mit.edu>
Date:   Thu Aug 28 17:54:39 2014 -0400
Subject: Map .hin files to the C language for doxygen
Upstream: Committed
References: 
https://github.com/krb5/krb5/commit/b7a4d695263f1a5b7fe72b1eadce4acdc3f0490b 
https://github.com/krb5/krb5/pull/198
    
Doxygen 1.8.8 is unhappy with the generated Doxyfile, and does not
handle krb5.hin in the expected fashion (as a C header). Work
around this issue by explicitly specifying that files with the
 .hin extension are to be treated as C language files.

Fixes the following build failure with doxygen 1.8.8:

[  326s] cp rst_apiref/*.rst rst_composite/appdev/refs/api
[  326s] cp: cannot stat 'rst_apiref/*.rst': No such file or directory
[  326s] Makefile:692: recipe for target 'composite' failed
[  326s] make: *** [composite] Error 1

diff --git a/src/doc/Doxyfile.in b/src/doc/Doxyfile.in
index 2082b6d..c225864 100644
--- a/src/doc/Doxyfile.in
+++ b/src/doc/Doxyfile.in
@@ -4,6 +4,7 @@ JAVADOC_AUTOBRIEF      = YES
 OPTIMIZE_OUTPUT_FOR_C  = YES
 WARN_IF_UNDOCUMENTED   = NO
 SHOW_FILES             = NO
+EXTENSION_MAPPING      = hin=C
 INPUT                  = @SRC@/include/krb5/krb5.hin @DOC@/doxy_examples
 EXAMPLE_PATH           = @DOC@/doxy_examples
 GENERATE_HTML          = NO
lines 1-28/28 (END)
++++++ krb5-1.12.1.tar.gz -> krb5-1.12.2.tar.gz ++++++
/work/SRC/openSUSE:Factory/krb5/krb5-1.12.1.tar.gz 
/work/SRC/openSUSE:Factory/.krb5.new/krb5-1.12.2.tar.gz differ: char 5, line 1

++++++ krb5-1.6.3-ktutil-manpage.dif ++++++
--- /var/tmp/diff_new_pack.1diBgX/_old  2014-09-03 20:09:22.000000000 +0200
+++ /var/tmp/diff_new_pack.1diBgX/_new  2014-09-03 20:09:22.000000000 +0200
@@ -1,9 +1,13 @@
-Index: krb5-1.11/src/man/ktutil.man
+---
+ src/man/ktutil.man |   12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+Index: krb5-1.12.2/src/man/ktutil.man
 ===================================================================
---- krb5-1.11.orig/src/man/ktutil.man
-+++ krb5-1.11/src/man/ktutil.man
-@@ -158,6 +158,18 @@ ktutil:
- .fi
+--- krb5-1.12.2.orig/src/man/ktutil.man        2014-08-30 23:06:53.000000000 
+0100
++++ krb5-1.12.2/src/man/ktutil.man     2014-08-30 23:07:00.000000000 +0100
+@@ -162,6 +162,18 @@ ktutil:
+ .UNINDENT
  .UNINDENT
  .UNINDENT
 +.SH REMARKS

++++++ krb5-1.7-doublelog.patch ++++++
--- /var/tmp/diff_new_pack.1diBgX/_old  2014-09-03 20:09:22.000000000 +0200
+++ /var/tmp/diff_new_pack.1diBgX/_new  2014-09-03 20:09:22.000000000 +0200
@@ -1,16 +1,20 @@
 Don't double-log (actually, don't process /etc/krb5.conf twice) just
 because we built with --sysconfdir=/etc.  RT#3277
 
-Index: krb5-1.10.2/src/include/Makefile.in
+---
+ src/include/Makefile.in |    2 ++
+ 1 file changed, 2 insertions(+)
+
+Index: krb5-1.12.2/src/include/Makefile.in
 ===================================================================
---- krb5-1.10.2.orig/src/include/Makefile.in
-+++ krb5-1.10.2/src/include/Makefile.in
-@@ -67,6 +67,8 @@ PROCESS_REPLACE = -e "s+@KRB5RCTMPDIR+$(
+--- krb5-1.12.2.orig/src/include/Makefile.in   2014-08-30 23:08:41.000000000 
+0100
++++ krb5-1.12.2/src/include/Makefile.in        2014-08-30 23:09:04.000000000 
+0100
+@@ -68,6 +68,8 @@ PROCESS_REPLACE = -e "s+@KRB5RCTMPDIR+$(
                  -e "s+@GSSMODULEDIR+$(GSS_MODULE_DIR)+" \
                  -e 's+@LOCALSTATEDIR+$(LOCALSTATEDIR)+' \
                  -e 's+@SYSCONFDIR+$(SYSCONFDIR)+' \
 +                -e 's+:/etc/krb5.conf:/etc/krb5.conf"+:/etc/krb5.conf"+' \
 +                -e 's+"/etc/krb5.conf:/etc/krb5.conf"+"/etc/krb5.conf"+' \
-                 -e 's+@DYNOBJEXT+$(DYNOBJEXT)+'
+                 -e 's+@DYNOBJEXT+$(DYNOBJEXT)+' \
+                 -e 's+@SYSCONFCONF+$(SYSCONFCONF)+'
  
- OSCONFSRC = $(srcdir)/osconf.hin

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit krb5 for openSUSE:Factory

Reply via email to