diff options
author | Ned Ludd <solar@gentoo.org> | 2004-09-13 22:44:54 +0000 |
---|---|---|
committer | Ned Ludd <solar@gentoo.org> | 2004-09-13 22:44:54 +0000 |
commit | b4cd95729ac97672d052e4e7c1083d8f0d7d36d3 (patch) | |
tree | 58c01b44ab17d739a635276f0decaace11f7f1eb | |
parent | version bump (diff) | |
download | historical-b4cd95729ac97672d052e4e7c1083d8f0d7d36d3.tar.gz historical-b4cd95729ac97672d052e4e7c1083d8f0d7d36d3.tar.bz2 historical-b4cd95729ac97672d052e4e7c1083d8f0d7d36d3.zip |
security version bump. Przemyslaw Frasunek has reported some vulnerabilities in Heimdal ftpd, which potentially can be exploited by malicious users to gain escalated privileges or compromise a vulnerable system. The vulnerabilities are caused due to various race condition errors within the out-of-band signal handling code. Successful exploitation may allow execution of FTP commands or arbitrary code with the privileges of the ftpd process. Security bug #61412
-rw-r--r-- | app-crypt/heimdal/ChangeLog | 11 | ||||
-rw-r--r-- | app-crypt/heimdal/Manifest | 36 | ||||
-rw-r--r-- | app-crypt/heimdal/files/heimdal-kadmind | 4 | ||||
-rw-r--r-- | app-crypt/heimdal/files/heimdal-kpasswdd | 4 | ||||
-rw-r--r-- | app-crypt/heimdal/heimdal-0.6.3.ebuild | 11 |
5 files changed, 32 insertions, 34 deletions
diff --git a/app-crypt/heimdal/ChangeLog b/app-crypt/heimdal/ChangeLog index f3696cf041fe..9b9c871c1193 100644 --- a/app-crypt/heimdal/ChangeLog +++ b/app-crypt/heimdal/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for app-crypt/heimdal # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/ChangeLog,v 1.47 2004/09/13 15:40:34 dragonheart Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/ChangeLog,v 1.48 2004/09/13 22:44:54 solar Exp $ + + 13 Sep 2004; <solar@gentoo.org> files/heimdal-kadmind, + files/heimdal-kpasswdd, heimdal-0.6.3.ebuild: + security version bump. Przemyslaw Frasunek has reported some vulnerabilities + in Heimdal ftpd, which potentially can be exploited by malicious users to gain + escalated privileges or compromise a vulnerable system. The vulnerabilities + are caused due to various race condition errors within the out-of-band signal + handling code. Successful exploitation may allow execution of FTP commands or + arbitrary code with the privileges of the ftpd process. Security bug #61412 *heimdal-0.6.3 (14 Sep 2004) diff --git a/app-crypt/heimdal/Manifest b/app-crypt/heimdal/Manifest index e4298df8f15e..5b85be7b401c 100644 --- a/app-crypt/heimdal/Manifest +++ b/app-crypt/heimdal/Manifest @@ -1,31 +1,21 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -MD5 ca8299025daa75aeeb16bace8f84858d ChangeLog 6413 -MD5 50e7d57fd90a1ea8eb07905670818664 heimdal-0.6.3.ebuild 2791 -MD5 e5573e25f19694fc8ccaaced2dd576f4 metadata.xml 353 MD5 aee9e1e8938d800d1c71c09bb7e9e744 heimdal-0.6.2-r1.ebuild 3141 +MD5 fa00acbf44333c79bcbefa71ce385112 heimdal-0.6.3.ebuild 2786 +MD5 84cbebf46651af9614fbf4169c7439b9 ChangeLog 6989 +MD5 e5573e25f19694fc8ccaaced2dd576f4 metadata.xml 353 MD5 bf72d9d820834284e0f4681b508bac49 heimdal-0.6.2.ebuild 2810 +MD5 35eed8dc7a9b322e4ed6220ef29cd1bc files/heimdal-0.6-berkdb.patch 542 MD5 0f222a777af729dc4d6076ab03342056 files/krb5.conf 423 -MD5 12c2f086658ad67e3ddaf1340cb9405a files/01heimdal 125 MD5 59cbfb44a4bd4c27cf0dd3943b50ae52 files/digest-heimdal-0.6.2-r1 66 -MD5 d241569631159016adcce030e98dcb72 files/heimdal-kadmind 555 -MD5 59cbfb44a4bd4c27cf0dd3943b50ae52 files/digest-heimdal-0.6.2 66 +MD5 f0e0f39d4efb0fe27133d47bff91e453 files/heimdal-0.6.3.all.patch 2313 +MD5 52dcc61b4dcb2747e0f2cbd2b1b3186f files/heimdal-0.6.3-ldap-subtree.patch 737 MD5 3d0262aa218e1611500de735d3581e28 files/heimdal-0.6.1-fPIC.patch 352 +MD5 06ae43d9ec1ce6f03630f6bd5e1631eb files/krb5-kdc.schema 4051 MD5 2be6ab7b49a076e078f34913d65bcaad files/heimdal-kdc 514 -MD5 bdcc2eedb42140afd25307f21aa5bb17 files/heimdal-0.6-gcc3.patch 466 -MD5 2912d07f59da59800652b98c8b8c32c8 files/heimdal-kpasswdd 560 -MD5 8eb01abfea336bcb2791c23ef05a5b24 files/heimdal-0.6-rxapps.patch 729 -MD5 35eed8dc7a9b322e4ed6220ef29cd1bc files/heimdal-0.6-berkdb.patch 542 MD5 3d0262aa218e1611500de735d3581e28 files/heimdal-0.6.2-fPIC.patch 352 +MD5 8eb01abfea336bcb2791c23ef05a5b24 files/heimdal-0.6-rxapps.patch 729 +MD5 f4811d443f68fe11946a031ada8ce125 files/heimdal-kpasswdd 551 +MD5 59cbfb44a4bd4c27cf0dd3943b50ae52 files/digest-heimdal-0.6.2 66 MD5 3927bef9ae6c9b6cf6c5d6eb9c2bfcf7 files/digest-heimdal-0.6.3 66 -MD5 f0e0f39d4efb0fe27133d47bff91e453 files/heimdal-0.6.3.all.patch 2313 -MD5 06ae43d9ec1ce6f03630f6bd5e1631eb files/krb5-kdc.schema 4051 -MD5 52dcc61b4dcb2747e0f2cbd2b1b3186f files/heimdal-0.6.3-ldap-subtree.patch 737 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.2.4 (GNU/Linux) - -iD8DBQFBRb+JmdTrptrqvGERAiSJAJwMGmKyoUhd+uy7pnB+yGeD1rC7RwCff0R1 -8wvvCn8G1MJs50hJi5/hF7c= -=3/q1 ------END PGP SIGNATURE----- +MD5 bdcc2eedb42140afd25307f21aa5bb17 files/heimdal-0.6-gcc3.patch 466 +MD5 12c2f086658ad67e3ddaf1340cb9405a files/01heimdal 125 +MD5 0becad2fb5b2e15b30b47b2939304647 files/heimdal-kadmind 546 diff --git a/app-crypt/heimdal/files/heimdal-kadmind b/app-crypt/heimdal/files/heimdal-kadmind index 0ad9c9a6b593..117cb7953ff3 100644 --- a/app-crypt/heimdal/files/heimdal-kadmind +++ b/app-crypt/heimdal/files/heimdal-kadmind @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/files/heimdal-kadmind,v 1.2 2004/09/13 15:40:34 dragonheart Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/files/heimdal-kadmind,v 1.3 2004/09/13 22:44:54 solar Exp $ depend() { need net @@ -19,6 +19,6 @@ start() { stop() { ebegin "Stopping heimdal kadmind" start-stop-daemon --stop --quiet --exec \ - /usr/libexec/kadmind + /usr/sbin/kadmind eend $? } diff --git a/app-crypt/heimdal/files/heimdal-kpasswdd b/app-crypt/heimdal/files/heimdal-kpasswdd index b6e73662cf3a..517cb862109e 100644 --- a/app-crypt/heimdal/files/heimdal-kpasswdd +++ b/app-crypt/heimdal/files/heimdal-kpasswdd @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/files/heimdal-kpasswdd,v 1.2 2004/09/13 15:40:34 dragonheart Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/files/heimdal-kpasswdd,v 1.3 2004/09/13 22:44:54 solar Exp $ depend() { need net @@ -19,6 +19,6 @@ start() { stop() { ebegin "Stopping heimdal kpasswdd" start-stop-daemon --stop --quiet --exec \ - /usr/libexec/kpasswdd + /usr/sbin/kpasswdd eend $? } diff --git a/app-crypt/heimdal/heimdal-0.6.3.ebuild b/app-crypt/heimdal/heimdal-0.6.3.ebuild index 5afc3678b5fc..5f475c50ecb7 100644 --- a/app-crypt/heimdal/heimdal-0.6.3.ebuild +++ b/app-crypt/heimdal/heimdal-0.6.3.ebuild @@ -1,8 +1,8 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/heimdal-0.6.3.ebuild,v 1.1 2004/09/13 15:40:34 dragonheart Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/heimdal/heimdal-0.6.3.ebuild,v 1.2 2004/09/13 22:44:54 solar Exp $ -inherit libtool eutils +inherit libtool eutils flag-o-matic DESCRIPTION="Kerberos 5 implementation from KTH" SRC_URI="ftp://ftp.pdc.kth.se/pub/heimdal/src/${P}.tar.gz" @@ -10,8 +10,7 @@ HOMEPAGE="http://www.pdc.kth.se/heimdal/" SLOT="0" LICENSE="as-is" -KEYWORDS="-*" -#KEYWORDS="~x86 ~sparc ~ppc ~alpha ~ia64 ~amd64 ~hppa ~mips" +KEYWORDS="~x86 ~sparc ~ppc ~alpha ~ia64 ~amd64 ~hppa ~mips" IUSE="ssl berkdb ipv6 krb4 ldap" PROVIDE="virtual/krb5" @@ -53,9 +52,9 @@ src_compile() { && myconf="${myconf} --with-krb4 --with-krb4-config=/usr/athena/bin/krb4-config" \ || myconf="${myconf} --without-krb4" - use ldap && myconf="${myconf} --with-open-ldap=/usr" + use ldap && myconf="${myconf} --with-openldap=/usr" - append-ldflags -Wl,-z + append-ldflags -Wl,-z,now econf ${myconf} || die "econf failed" emake || die |