summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNed Ludd <solar@gentoo.org>2004-09-13 22:44:54 +0000
committerNed Ludd <solar@gentoo.org>2004-09-13 22:44:54 +0000
commitb4cd95729ac97672d052e4e7c1083d8f0d7d36d3 (patch)
tree58c01b44ab17d739a635276f0decaace11f7f1eb
parentversion bump (diff)
downloadhistorical-b4cd95729ac97672d052e4e7c1083d8f0d7d36d3.tar.gz
historical-b4cd95729ac97672d052e4e7c1083d8f0d7d36d3.tar.bz2
historical-b4cd95729ac97672d052e4e7c1083d8f0d7d36d3.zip
security version bump. Przemyslaw Frasunek has reported some vulnerabilities in Heimdal ftpd, which potentially can be exploited by malicious users to gain escalated privileges or compromise a vulnerable system. The vulnerabilities are caused due to various race condition errors within the out-of-band signal handling code. Successful exploitation may allow execution of FTP commands or arbitrary code with the privileges of the ftpd process. Security bug #61412
-rw-r--r--app-crypt/heimdal/ChangeLog11
-rw-r--r--app-crypt/heimdal/Manifest36
-rw-r--r--app-crypt/heimdal/files/heimdal-kadmind4
-rw-r--r--app-crypt/heimdal/files/heimdal-kpasswdd4
-rw-r--r--app-crypt/heimdal/heimdal-0.6.3.ebuild11
5 files changed, 32 insertions, 34 deletions
diff --git a/app-crypt/heimdal/ChangeLog b/app-crypt/heimdal/ChangeLog
index f3696cf041fe..9b9c871c1193 100644
--- a/app-crypt/heimdal/ChangeLog
+++ b/app-crypt/heimdal/ChangeLog
@@ -1,6 +1,15 @@
# ChangeLog for app-crypt/heimdal
# Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/ChangeLog,v 1.47 2004/09/13 15:40:34 dragonheart Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/ChangeLog,v 1.48 2004/09/13 22:44:54 solar Exp $
+
+ 13 Sep 2004; <solar@gentoo.org> files/heimdal-kadmind,
+ files/heimdal-kpasswdd, heimdal-0.6.3.ebuild:
+ security version bump. Przemyslaw Frasunek has reported some vulnerabilities
+ in Heimdal ftpd, which potentially can be exploited by malicious users to gain
+ escalated privileges or compromise a vulnerable system. The vulnerabilities
+ are caused due to various race condition errors within the out-of-band signal
+ handling code. Successful exploitation may allow execution of FTP commands or
+ arbitrary code with the privileges of the ftpd process. Security bug #61412
*heimdal-0.6.3 (14 Sep 2004)
diff --git a/app-crypt/heimdal/Manifest b/app-crypt/heimdal/Manifest
index e4298df8f15e..5b85be7b401c 100644
--- a/app-crypt/heimdal/Manifest
+++ b/app-crypt/heimdal/Manifest
@@ -1,31 +1,21 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
-MD5 ca8299025daa75aeeb16bace8f84858d ChangeLog 6413
-MD5 50e7d57fd90a1ea8eb07905670818664 heimdal-0.6.3.ebuild 2791
-MD5 e5573e25f19694fc8ccaaced2dd576f4 metadata.xml 353
MD5 aee9e1e8938d800d1c71c09bb7e9e744 heimdal-0.6.2-r1.ebuild 3141
+MD5 fa00acbf44333c79bcbefa71ce385112 heimdal-0.6.3.ebuild 2786
+MD5 84cbebf46651af9614fbf4169c7439b9 ChangeLog 6989
+MD5 e5573e25f19694fc8ccaaced2dd576f4 metadata.xml 353
MD5 bf72d9d820834284e0f4681b508bac49 heimdal-0.6.2.ebuild 2810
+MD5 35eed8dc7a9b322e4ed6220ef29cd1bc files/heimdal-0.6-berkdb.patch 542
MD5 0f222a777af729dc4d6076ab03342056 files/krb5.conf 423
-MD5 12c2f086658ad67e3ddaf1340cb9405a files/01heimdal 125
MD5 59cbfb44a4bd4c27cf0dd3943b50ae52 files/digest-heimdal-0.6.2-r1 66
-MD5 d241569631159016adcce030e98dcb72 files/heimdal-kadmind 555
-MD5 59cbfb44a4bd4c27cf0dd3943b50ae52 files/digest-heimdal-0.6.2 66
+MD5 f0e0f39d4efb0fe27133d47bff91e453 files/heimdal-0.6.3.all.patch 2313
+MD5 52dcc61b4dcb2747e0f2cbd2b1b3186f files/heimdal-0.6.3-ldap-subtree.patch 737
MD5 3d0262aa218e1611500de735d3581e28 files/heimdal-0.6.1-fPIC.patch 352
+MD5 06ae43d9ec1ce6f03630f6bd5e1631eb files/krb5-kdc.schema 4051
MD5 2be6ab7b49a076e078f34913d65bcaad files/heimdal-kdc 514
-MD5 bdcc2eedb42140afd25307f21aa5bb17 files/heimdal-0.6-gcc3.patch 466
-MD5 2912d07f59da59800652b98c8b8c32c8 files/heimdal-kpasswdd 560
-MD5 8eb01abfea336bcb2791c23ef05a5b24 files/heimdal-0.6-rxapps.patch 729
-MD5 35eed8dc7a9b322e4ed6220ef29cd1bc files/heimdal-0.6-berkdb.patch 542
MD5 3d0262aa218e1611500de735d3581e28 files/heimdal-0.6.2-fPIC.patch 352
+MD5 8eb01abfea336bcb2791c23ef05a5b24 files/heimdal-0.6-rxapps.patch 729
+MD5 f4811d443f68fe11946a031ada8ce125 files/heimdal-kpasswdd 551
+MD5 59cbfb44a4bd4c27cf0dd3943b50ae52 files/digest-heimdal-0.6.2 66
MD5 3927bef9ae6c9b6cf6c5d6eb9c2bfcf7 files/digest-heimdal-0.6.3 66
-MD5 f0e0f39d4efb0fe27133d47bff91e453 files/heimdal-0.6.3.all.patch 2313
-MD5 06ae43d9ec1ce6f03630f6bd5e1631eb files/krb5-kdc.schema 4051
-MD5 52dcc61b4dcb2747e0f2cbd2b1b3186f files/heimdal-0.6.3-ldap-subtree.patch 737
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.2.4 (GNU/Linux)
-
-iD8DBQFBRb+JmdTrptrqvGERAiSJAJwMGmKyoUhd+uy7pnB+yGeD1rC7RwCff0R1
-8wvvCn8G1MJs50hJi5/hF7c=
-=3/q1
------END PGP SIGNATURE-----
+MD5 bdcc2eedb42140afd25307f21aa5bb17 files/heimdal-0.6-gcc3.patch 466
+MD5 12c2f086658ad67e3ddaf1340cb9405a files/01heimdal 125
+MD5 0becad2fb5b2e15b30b47b2939304647 files/heimdal-kadmind 546
diff --git a/app-crypt/heimdal/files/heimdal-kadmind b/app-crypt/heimdal/files/heimdal-kadmind
index 0ad9c9a6b593..117cb7953ff3 100644
--- a/app-crypt/heimdal/files/heimdal-kadmind
+++ b/app-crypt/heimdal/files/heimdal-kadmind
@@ -1,7 +1,7 @@
#!/sbin/runscript
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/files/heimdal-kadmind,v 1.2 2004/09/13 15:40:34 dragonheart Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/files/heimdal-kadmind,v 1.3 2004/09/13 22:44:54 solar Exp $
depend() {
need net
@@ -19,6 +19,6 @@ start() {
stop() {
ebegin "Stopping heimdal kadmind"
start-stop-daemon --stop --quiet --exec \
- /usr/libexec/kadmind
+ /usr/sbin/kadmind
eend $?
}
diff --git a/app-crypt/heimdal/files/heimdal-kpasswdd b/app-crypt/heimdal/files/heimdal-kpasswdd
index b6e73662cf3a..517cb862109e 100644
--- a/app-crypt/heimdal/files/heimdal-kpasswdd
+++ b/app-crypt/heimdal/files/heimdal-kpasswdd
@@ -1,7 +1,7 @@
#!/sbin/runscript
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/files/heimdal-kpasswdd,v 1.2 2004/09/13 15:40:34 dragonheart Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/files/heimdal-kpasswdd,v 1.3 2004/09/13 22:44:54 solar Exp $
depend() {
need net
@@ -19,6 +19,6 @@ start() {
stop() {
ebegin "Stopping heimdal kpasswdd"
start-stop-daemon --stop --quiet --exec \
- /usr/libexec/kpasswdd
+ /usr/sbin/kpasswdd
eend $?
}
diff --git a/app-crypt/heimdal/heimdal-0.6.3.ebuild b/app-crypt/heimdal/heimdal-0.6.3.ebuild
index 5afc3678b5fc..5f475c50ecb7 100644
--- a/app-crypt/heimdal/heimdal-0.6.3.ebuild
+++ b/app-crypt/heimdal/heimdal-0.6.3.ebuild
@@ -1,8 +1,8 @@
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/heimdal-0.6.3.ebuild,v 1.1 2004/09/13 15:40:34 dragonheart Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/heimdal-0.6.3.ebuild,v 1.2 2004/09/13 22:44:54 solar Exp $
-inherit libtool eutils
+inherit libtool eutils flag-o-matic
DESCRIPTION="Kerberos 5 implementation from KTH"
SRC_URI="ftp://ftp.pdc.kth.se/pub/heimdal/src/${P}.tar.gz"
@@ -10,8 +10,7 @@ HOMEPAGE="http://www.pdc.kth.se/heimdal/"
SLOT="0"
LICENSE="as-is"
-KEYWORDS="-*"
-#KEYWORDS="~x86 ~sparc ~ppc ~alpha ~ia64 ~amd64 ~hppa ~mips"
+KEYWORDS="~x86 ~sparc ~ppc ~alpha ~ia64 ~amd64 ~hppa ~mips"
IUSE="ssl berkdb ipv6 krb4 ldap"
PROVIDE="virtual/krb5"
@@ -53,9 +52,9 @@ src_compile() {
&& myconf="${myconf} --with-krb4 --with-krb4-config=/usr/athena/bin/krb4-config" \
|| myconf="${myconf} --without-krb4"
- use ldap && myconf="${myconf} --with-open-ldap=/usr"
+ use ldap && myconf="${myconf} --with-openldap=/usr"
- append-ldflags -Wl,-z
+ append-ldflags -Wl,-z,now
econf ${myconf} || die "econf failed"
emake || die