| non port: security/heimdal/pkg-plist |
|
SVNWeb
|
Number of commits found: 40 |
|
Tue, 15 Nov 2022
|
[ 22:09 Cy Schubert (cy)  ]    83f79ba
security/heimdal: Update to 7.8.0
This upgrade fixes multiple security vulnerabilities.
The following issues are patched:
- CVE-2022-42898 PAC parse integer overflows
- CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
- CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
- CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec
Note that CVE-2022-44640 is a severe vulnerability, possibly a 10.0
on the Common Vulnerability Scoring System (CVSS) v3, as we believe
it should be possible to get an RCE on a KDC, which means that
credentials can be compromised that can be used to impersonate(Only the first 15 lines of the commit message are shown above  )
|
|
Wed, 19 Feb 2020
|
[ 06:20 hrs ]  
Update to 7.7.0.
|
|
Tue, 3 Jan 2017
|
[ 13:52 hrs ] (Only the first 10 of 34 ports in this commit are shown above. )
Update to 7.1.0. Changes include:
- hcrypto is now thread safe on all platforms and as much as possible
hcrypto now uses the operating system's preferred crypto
implementation ensuring that optimized hardware assisted
implementations of AES-NI are used.
- RFC 6113 Generalized Framework for Kerberos Pre-Authentication
(FAST).
- Hierarchical capath support
- iprop has been revamped to fix a number of race conditions that
could lead to inconsistent replication.
(Only the first 15 lines of the commit message are shown above )
|
|
Sat, 12 Nov 2016
|
[ 21:22 hrs ]
- Fix Berkeley DB dependency. It now properly uses BDB_LIB specified in
Mk/Uses/bdb.mk instead of db185 interfaces in libc.
As a side-effect, this causes a compatibility issue between
heimdal.db created by kadmin(8) in the base system or one by
an older security/heimdal. See UPDATING about this issue.
- Fix readline dependency end eliminate libheimedit.
- Use -lpthread instead of -pthread.
- Use FOO_CONFIGURE_WITH=foo instead of FOO_CONFIGURE_ON=--with-foo.
|
|
Wed, 2 Nov 2016
|
[ 09:51 hrs ]
Add missing header files (com_err.h and com_right.h).
Submitted by: Franco Fichtner
PR: 213470
|
|
Sat, 22 Nov 2014
|
[ 10:51 hrs ]
- Move headers and libraries into PREFIX/{include,lib}/heimdal. This
prevents build breakage when a port depends on heimdal in base and
some other libraries in LOCALBASE/lib such as OpenSSL from ports
at the same time.
- Always build libcom_err[*].
PR: 194475 [*]
|
|
Sat, 30 Aug 2014
|
[ 17:18 hrs ]
Fix build on branches which do not have com_right_r() in libcom_err.
Spotted by: ume
|
[ 12:44 hrs ]
- Add LICENSE.
- Build kcm by default.
- Use gssapi.mk.
- Use ${opt}_* variables instead of .if ${PORT_OPTIONS:Mopt} wherever possible.
- Use /var/heimdal as $hdbdir for compatibility with Heimdal in base.
- Merge pkg-plist.* into pkg-plist.
- Remove lines that are no longer valid.
- Remove stale kdc.sh. rc.d scripts in base system work with this port.
|
|
Tue, 8 Jul 2014
|
[ 21:48 jkim ]
Fix plist again. r361101 reverted SQLITE fixes in r358060 and r358150.
Pointyhat to: tijl
|
[ 16:16 tijl ]
- Fix pkg-plist [1]
- Add INSTALL_TARGET=install-strip
Reported by: swills (jenkins) [1]
|
|
Mon, 7 Jul 2014
|
[ 15:42 tijl ]
- Convert to USES=libtool
- Remove USE_AUTOTOOLS
|
|
Tue, 1 Jul 2014
|
[ 15:25 adamw ]
Fix packaging without KCM
|
|
Tue, 17 Jun 2014
|
[ 17:00 jkim ]
Fix plist without SQLITE option, i.e., r358060 was incomplete. Actually,
this option is very confusing. This option does not enable SQLite support
but enables building with existing SQLite library, i.e., disables building
with bundled SQLite source.
Submitted by: mat
|
|
Mon, 16 Jun 2014
|
[ 23:28 jkim ]
Fix plist for SQLITE option. We do not build bundled SQLite for years.
|
|
Tue, 10 Jun 2014
|
[ 22:08 marino ]
security/heimdal: Mark not-jobs-safe and fix cracklib location
While here:
* Clean up options and PLIST_SUB with new option framework capabilities
* Remove condition for FreeBSD 6 and earlier
- Remove never-fulfilled plist condition
- Move extra-patch to always-patch
* minor cosmetic realignment
PR: 181923
Submitted by: dewayne
|
|
Tue, 8 Apr 2014
|
[ 12:56 knu ]
Fix heimdal.
- Resolve conflict with security/openssl regarding manual pages.
- Add a couple of patches from the upstream.
- Remove NO_STAGE and delete obsolete MLINKS while at it.
PR: 177397
Submitted by: Shane Ambler <FreeBSD@ShaneWare.Biz>
Approved by: (MAINTAINER timeout)
|
|
Sat, 5 May 2012
|
[ 19:54 wxs ] (Only the first 10 of 25 ports in this commit are shown above. )
Update to 1.5.2
PR: ports/166320
Submitted by: Joerg Pulz <Joerg.Pulz@frm2.tum.de> (maintainer)
|
|
Sun, 31 Oct 2010
|
[ 17:02 wxs ] (Only the first 10 of 21 ports in this commit are shown above. )
Update to 1.4
PR: ports/151506
Submitted by: Joerg Pulz <Joerg.Pulz@frm2.tum.de>
|
|
Mon, 12 Nov 2007
|
[ 23:27 pav ]
- hcrypto library is only installed on FreeBSD < 7.0
Reported by: pointyhat
Approved by: portmgr (hat)
|
|
Thu, 27 Sep 2007
|
[ 00:16 shaun ]
Upgrade to 1.0.1.
PR: ports/115589
Submitted by: Rasmus Kaj <kaj@kth.se>
|
|
Thu, 1 Feb 2007
|
[ 02:42 kris ] (Only the first 10 of 348 ports in this commit are shown above. )
Use libtool port instead of included version to avoid objformat a.out botch
|
|
Thu, 5 Oct 2006
|
[ 16:07 shaun ]
- Update to 0.7.2.
- Improve pkg-descr, etc.
- Take maintainership.
|
|
Tue, 12 Jul 2005
|
[ 17:07 jylefort ]
- Let configure know that we have fnmatch.h (fixes some fnmatch-using
C++ ports, since the fnmatch.h which was uselessly installed by
heimdal did not wrap the fnmatch() declaration in extern C {}) [1]
- Fix the packing list on 4.x
[1]
PR: ports/80366
Submitted by: Joan Picanyol i Puig <lists-freebsd-gnats@biaix.org>
Approved by: maintainer timeout (76 days)
|
|
Mon, 12 Apr 2004
|
[ 18:03 nectar ]
Fix packaging: com_err will only be built and installed on a few systems
where compile_et is not modern enough.
|
|
Fri, 2 Apr 2004
|
[ 23:06 nectar ]
Update 0.6 -> 0.6.1
Use OPTIONS
Use USE_OPENLDAP
|
|
Tue, 19 Aug 2003
|
[ 23:24 nectar ]
Update 0.5.1 -> 0.6.
Switch to using `INFO' while we are at it.
|
|
Thu, 19 Sep 2002
|
[ 13:04 nectar ]
Update 0.4e -> 0.5
|
|
Fri, 7 Sep 2001
|
[ 20:45 nectar ] (Only the first 10 of 14 ports in this commit are shown above. )
Update 0.4d -> 0.4e
|
|
Fri, 17 Aug 2001
|
[ 21:28 nectar ]
Move the man pages back out of the PLIST, but this time into a separate
Makefile (Makefile.man).
|
[ 20:45 nectar ]
Add a couple of missing man pages.
|
[ 20:29 nectar ]
There are now too many man pages to usefully maintain with MANn= in the
Makefile. Move them to the PLIST instead.
|
|
Tue, 31 Jul 2001
|
[ 17:41 nectar ]
Update 0.4b -> 0.4c
|
|
Fri, 6 Jul 2001
|
[ 23:55 nectar ]
Update 0.3f -> 0.4b
|
|
Mon, 11 Jun 2001
|
[ 19:37 nectar ]
Update 0.3e -> 0.3f. From the announcement: * change default keytab to
ANY:FILE:/etc/krb5.keytab,krb4:/etc/srvtab, the new keytab type that tries
both of these in order (SRVTAB is also an alias for krb4:) * improve
error reporting and error handling (error messages should be more detailed
and more useful) * improve building with openssl * add kadmin -K, rcp -F
* fix two incorrect weak DES keys * fix building of kaserver compat in KDC
* the API is closer to what MIT krb5 is using * more compatible with windows
2000 * removed some memory leaks * bug fixes
|
|
Tue, 17 Apr 2001
|
[ 17:25 nectar ]
Add a sample start-up script for the KDC.
|
|
Mon, 5 Feb 2001
|
[ 15:50 nectar ]
Update 0.3d -> 0.3e.
|
|
Thu, 4 Jan 2001
|
[ 16:34 nectar ]
Missed in previous commit: remove headers for libdes (they are in a seperate
PLIST now).
|
[ 16:30 nectar ]
= Update to use OpenSSL in the base if it has MD4 support (version 0.9.6 or
later). If these libraries are used, then this port's libdes will not be
built nor installed.
|
|
Thu, 14 Dec 2000
|
[ 16:13 nectar ]
Update 0.3c -> 0.3d
|
|
Thu, 9 Nov 2000
|
[ 23:35 nectar ] (Only the first 10 of 11 ports in this commit are shown above. )
= Use system libcom_err. No longer build or install the included libcom_err
and compile_et.
|
Number of commits found: 40 |
As an Amazon Associate I earn from qualifying purchases.