Git-Url:
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=45e1e70834210b4bd7953e504cac87ca9ce3ea62
commit 45e1e70834210b4bd7953e504cac87ca9ce3ea62
Author: Miklos Vajna
Date: Mon Aug 22 01:27:58 2011 +0200
krb5-1.7.2-1-i686
- bump to latest 1.7.x
- closes #4256
diff --git a/source/lib-extra/krb5/CVE-2010-0628.patch
b/source/lib-extra/krb5/CVE-2010-0628.patch
deleted file mode 100644
index 325ba93..000
--- a/source/lib-extra/krb5/CVE-2010-0628.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-Index: src/lib/gssapi/spnego/spnego_mech.c
-===
src/lib/gssapi/spnego/spnego_mech.c(revision 23717)
-+++ src/lib/gssapi/spnego/spnego_mech.c(working copy)
-@@ -1570,7 +1570,7 @@
- spnego_gss_ctx_id_t sc = NULL;
- spnego_gss_cred_id_t spcred = NULL;
- OM_uint32 mechstat = GSS_S_FAILURE;
-- int sendTokenInit = 0;
-+ int sendTokenInit = 0, tmpret;
-
- mechtok_in = mic_in = mic_out = GSS_C_NO_BUFFER;
-
-@@ -1603,7 +1603,6 @@
- if (delegated_cred_handle != NULL)
- *delegated_cred_handle = GSS_C_NO_CREDENTIAL;
- if (input_token->length == 0) {
-- sendTokenInit = 1;
- ret = acc_ctx_hints(minor_status,
- context_handle, spcred,
- &mic_out,
-@@ -1611,6 +1610,7 @@
- &return_token);
- if (ret != GSS_S_COMPLETE)
- goto cleanup;
-+ sendTokenInit = 1;
- ret = GSS_S_CONTINUE_NEEDED;
- } else {
- /* Can set negState to REQUEST_MIC */
-@@ -1658,29 +1658,23 @@
-&negState, &return_token);
- }
- cleanup:
-- if (return_token != NO_TOKEN_SEND && return_token != CHECK_MIC) {
-- /* For acceptor-sends-first send a tokenInit */
-- int tmpret;
--
-+ if (return_token == INIT_TOKEN_SEND && sendTokenInit) {
- assert(sc != NULL);
--
-- if (sendTokenInit) {
-- tmpret = make_spnego_tokenInit_msg(sc,
-- 1,
-- mic_out,
-- 0,
-- GSS_C_NO_BUFFER,
-- return_token,
-- output_token);
-- } else {
-- tmpret = make_spnego_tokenTarg_msg(negState,
-- sc ?
sc->internal_mech : GSS_C_NO_OID,
-- &mechtok_out,
mic_out,
-- return_token,
-- output_token);
-- }
-+ tmpret = make_spnego_tokenInit_msg(sc, 1, mic_out, 0,
-+ GSS_C_NO_BUFFER,
-+ return_token, output_token);
- if (tmpret < 0)
- ret = GSS_S_FAILURE;
-+ } else if (return_token != NO_TOKEN_SEND &&
-+ return_token != CHECK_MIC) {
-+ tmpret = make_spnego_tokenTarg_msg(negState,
-+ sc ? sc->internal_mech :
-+ GSS_C_NO_OID,
-+ &mechtok_out, mic_out,
-+ return_token,
-+ output_token);
-+ if (tmpret < 0)
-+ ret = GSS_S_FAILURE;
- }
- if (ret == GSS_S_COMPLETE) {
- *context_handle = (gss_ctx_id_t)sc->ctx_handle;
diff --git a/source/lib-extra/krb5/FrugalBuild
b/source/lib-extra/krb5/FrugalBuild
index 6257474..70ada18 100644
--- a/source/lib-extra/krb5/FrugalBuild
+++ b/source/lib-extra/krb5/FrugalBuild
@@ -2,22 +2,20 @@
# Maintainer: Michel Hermier
pkgname=krb5
-pkgver=1.7
-pkgrel=6
+pkgver=1.7.2
+pkgrel=1
pkgdesc="Kerberos: The Network Authentication Protocol"
url="http://web.mit.edu/kerberos/";
license="MIT licence"
depends=('e2fsprogs' 'db' 'openssl>=1.0.0')
makedepends=('perl')
-#makedepends=('postgresql>=8.2.1' 'mysql>=5.1.34')
rodepends=("libkrb5=$pkgver")
archs=('i686' 'ppc' 'x86_64' 'arm')
groups=('lib-extra')
up2date="echo $pkgver"
-source=(http://web.mit.edu/kerberos/dist/$pkgname/$pkgver/$pkgname-$pkgver-signed.tar
\
- CVE-2010-0628.patch openssl.diff)
-sha1sums=('0fe1b1cf9f8d4f5f5d7fdaf89326baf5c5adbc66' \
- 'c
