CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2022/11/16 05:27:21
Modified files:
security/heimdal: Tag: OPENBSD_7_2 Makefile distinfo
security/heimdal/pkg: Tag: OPENBSD_7_2 PLIST-devel-docs
PLIST-libs
Removed files:
security/heimdal/patches: Tag: OPENBSD_7_2
patch-lib_hdb_hdb-mitdb_c
Log message:
security update to 7.7.1; fixes multiple CVEs:
CVE-2022-42898 PAC parse integer overflows
CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array
CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
CVE-2021-3671 A null pointer de-reference when handling missing sname in TGS-REQ
CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec
