diff options
| author |   Eray Aslan <eras@gentoo.org> | 2012-01-17 20:14:05 +0000 |
|---|---|---|
| committer | Eray Aslan <eras@gentoo.org> | 2012-01-17 20:14:05 +0000 |
| commit | 869e33d48cf07ea45b60602cdb19d55c72f192dd (patch) | |
| tree | 4f585c408fc2a93e8005230d3e78f9308c826883 /app-crypt/mit-krb5-appl | |
| parent | remove vulnerable versions (diff) | |
| download | historical-869e33d48cf07ea45b60602cdb19d55c72f192dd.tar.gz historical-869e33d48cf07ea45b60602cdb19d55c72f192dd.tar.bz2 historical-869e33d48cf07ea45b60602cdb19d55c72f192dd.zip | |
remove vulnerable versions
Package-Manager: portage-2.1.10.44/cvs/Linux x86_64
Diffstat (limited to 'app-crypt/mit-krb5-appl')
| -rw-r--r-- | app-crypt/mit-krb5-appl/ChangeLog | 7 | ||||
| -rw-r--r-- | app-crypt/mit-krb5-appl/Manifest | 27 | ||||
| -rw-r--r-- | app-crypt/mit-krb5-appl/files/CVE-2011-1526.patch | 58 | ||||
| -rw-r--r-- | app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.1-r1.ebuild | 58 | ||||
| -rw-r--r-- | app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.1.ebuild | 57 | ||||
| -rw-r--r-- | app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.2.ebuild | 53 |
6 files changed, 22 insertions, 238 deletions
diff --git a/app-crypt/mit-krb5-appl/ChangeLog b/app-crypt/mit-krb5-appl/ChangeLog index 7a0650df65c2..67cf11106979 100644 --- a/app-crypt/mit-krb5-appl/ChangeLog +++ b/app-crypt/mit-krb5-appl/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for app-crypt/mit-krb5-appl # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5-appl/ChangeLog,v 1.25 2012/01/08 15:58:41 armin76 Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5-appl/ChangeLog,v 1.26 2012/01/17 20:14:05 eras Exp $ + + 17 Jan 2012; Eray Aslan <eras@gentoo.org> -mit-krb5-appl-1.0.1.ebuild, + -mit-krb5-appl-1.0.1-r1.ebuild, -mit-krb5-appl-1.0.2.ebuild, + -files/CVE-2011-1526.patch: + remove vulnerable versions 08 Jan 2012; Raúl Porcel <armin76@gentoo.org> mit-krb5-appl-1.0.2-r1.ebuild: alpha/arm/ia64/m68k/s390/sh/sparc stable wrt #396137 diff --git a/app-crypt/mit-krb5-appl/Manifest b/app-crypt/mit-krb5-appl/Manifest index 4cf87d5d3587..6336cf9a2c84 100644 --- a/app-crypt/mit-krb5-appl/Manifest +++ b/app-crypt/mit-krb5-appl/Manifest @@ -1,22 +1,27 @@ -----BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 +Hash: SHA256 -AUX CVE-2011-1526.patch 2076 RMD160 780d9769e3b2661b927b26295f14a31dee314213 SHA1 5e52a66b299407f54038fc287732160aabce51ff SHA256 a3f14859883cdeff846aaea2e35738a6580549d634986fdfc41d178e33135459 AUX CVE-2011-4862.patch 393 RMD160 464588d93e01cfcb7fba821fac46265958c0efa8 SHA1 9f01a9700f60066a69cb6002c3610fed51da0459 SHA256 20282d3f28101a318af42c45e54649c2e7099ab0bb900352490926af81ed1608 -DIST krb5-appl-1.0.1-signed.tar 645120 RMD160 ca0668b623dcf4dc5a0699fa47d86660aac5544a SHA1 128662c9860f61a51c9bcaf1b6217467faa12324 SHA256 124322481e4f8e0b119b527071f2f707168060e17748cf34c8bf5af747c3e311 DIST krb5-appl-1.0.2-signed.tar 634880 RMD160 af6e0c8ece7fe3821b373621672ad15e09508a90 SHA1 f9a75c1e3b495ab6b3a4004274ffb35f9fe24756 SHA256 ca82209ba11e37390a7b79b0eb27abac9526442d296d60b752a0a94969bbad7d DIST krb5-appl-1.0.3-signed.tar 634880 RMD160 491359af5da2ea3c680811b08d9696eb43794a21 SHA1 6711c1b46633e666e6e707363ffffce5e1c84d9d SHA256 feb88581eba566554ad515a6fcf18cee11e8409a2c4755bf5188db96f0b7f039 -EBUILD mit-krb5-appl-1.0.1-r1.ebuild 1558 RMD160 47dbeb22faaa894f1fd486bc3a5c9812be9d1865 SHA1 4797794bd1894a3303cf9516f945b901bdabbd81 SHA256 b1c2d84e515c48bf1939ea2f21f9ebd0ef5e78043d78ed0cbeeb67e004cd4602 -EBUILD mit-krb5-appl-1.0.1.ebuild 1479 RMD160 91c40228567269baed8f4afefdb72f6e8a47f759 SHA1 32267caa3e54cca0baf430afec3dd379493535f3 SHA256 d56f0f940aadf0857833474d2f24939724038b13f47a3a47c1db913f8053651d EBUILD mit-krb5-appl-1.0.2-r1.ebuild 1582 RMD160 673182e43f9be87ec3e4f317cf1dc310cfd8ffbf SHA1 83221e7c16a251c874585eb080450d020ee722c2 SHA256 76c799436b7fef543fba2264c3ec9e3cc541dd4d2b7d85d7becf98c2fbe575eb -EBUILD mit-krb5-appl-1.0.2.ebuild 1484 RMD160 5707c5242ad71051cdd6849432601cf3dcf87867 SHA1 2e8d3625874a3f7ad0c4fc9e4970912401b37096 SHA256 62c1e26b5c39ab6408a9513226003a1327d88adca806414f42838ace195efb87 EBUILD mit-krb5-appl-1.0.3.ebuild 1527 RMD160 207fabcc649d60f6daa3790933a3b58035288423 SHA1 78c80ba10c8218ff94527f2ea474401af0f1985d SHA256 86deaa44764f7ab8e0c5bbb81e924cb054b69a6f7ceefa861ec8bebcac8fc300 -MISC ChangeLog 3426 RMD160 8d27c0e5f705fdc49aaad9d14dd4e13a9a8fb0f5 SHA1 c440380af89535684385d405e4ff7353f422fd08 SHA256 2906557d12d06b60f3b7d076528af699fa4ea92a60c7afe9b1469a0a3e5c9fbf +MISC ChangeLog 3619 RMD160 4ed31467a1fe010ba0883b4457728be6a369d0c2 SHA1 8053abd00eeb6ae467a3d43be87f6b1a4fe9d3a5 SHA256 9ebbc384505f03aa6ad6cfce6ab819d8b3130956f2490fd03c2f826963296552 MISC metadata.xml 161 RMD160 d985cebdc76fcff9904d6ed365cce080bfc5c468 SHA1 64cc2a9dea22e8618348d9916a6288a894ded3f2 SHA256 24dcbc1b12d6ed52621a4edec3764c838cab1b32f5fc982ce0fe305822c562c7 -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.17 (GNU/Linux) +Version: GnuPG v2.0.18 (GNU/Linux) -iEYEARECAAYFAk8JvTcACgkQuQc30/atMkBAiQCeJ6Rrrxf/uZv1MNonosLw34Ls -3REAoLNtJEDzG2+t5M0D74jJ5sz3NsTZ -=VYxl +iQIcBAEBCAAGBQJPFdaSAAoJEHfx8XVYajsf1BUQAKpPE1D9kq64aFXhTQv1CEoa +oRDldnlDz4yDsi2xhDqV1cq5wvg/CtPNMlXtsOrtQytSTt9LIClI4XW54nek7/0T +j3hFzG332TM4GzGCO27sBleEpW43gx5xBHkUAqjh0WeX2rML6UN/xMRDtBxWBTT8 +dOou718rCz1LLDz/k44BtdGc/Ovvq345FPk4qdRXePK3i8q6Dtc5/X4qWhBf3K/r +iohofgFfGehz18T5RKmtcvsbVILG8+P5IGhcePE67s7ZOb9lkjOK0K7k5FpiCqlj +GHFwuOGeJoaxcU57or9gWVePUOEI1VsKbMN2r+syK0kU03y7PcKtzzRapH4eE3ZM +fe1jGGc8Mn1sci7piac+rMEOqf7e/wiYxDaljEX/CU21JyuTk18er0/xPrI6EZ18 +wXvCz9ycyy5AhDcvI5Jk+J524GmBppOjOfc5PxOg1eCVnqxrFrod9nBWnBDDJn1x +pGiSudqTKIhkQ7TU0+X19h53Q5MWzt4617lzWi83jlfQmfcBRSfs/9BoRmIx5cZy +KPMBNxMXJ9IhM+/sRf68rtAY7ivvk8yVt/blxT7Ecun4bfczZUG0Alxlr9rASrBf +USBHtKJJT6kiQqH2CWc42rt7XiSPmlz3nfV7Mve6tYhkPLr/W7ctfvOFSK7GLL+B +oUGVJ/3sRqub1XjrQDIP +=iXHY -----END PGP SIGNATURE----- diff --git a/app-crypt/mit-krb5-appl/files/CVE-2011-1526.patch b/app-crypt/mit-krb5-appl/files/CVE-2011-1526.patch deleted file mode 100644 index 9c4466214e53..000000000000 --- a/app-crypt/mit-krb5-appl/files/CVE-2011-1526.patch +++ /dev/null @@ -1,58 +0,0 @@ -diff --git a/configure.ac b/configure.ac -index 86e23f1..2fe68ad 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -107,6 +107,7 @@ AC_CHECK_FUNCS(_getpty cgetent getcwd getenv gettosbyname getusershell getutmp) - AC_CHECK_FUNCS(getutmpx grantpt inet_aton initgroups isatty killpg killpg) - AC_CHECK_FUNCS(line_push ptsname revoke rmufile rresvport_af) - AC_CHECK_FUNCS(seteuid setlogin setpgid setpriority setresuid setreuid) -+AC_CHECK_FUNCS(setegid setregid setresgid) - AC_CHECK_FUNCS(setutent setutsent setutxent strsave tcgetpgrp tcsetpgrp) - AC_CHECK_FUNCS(ttyname unsetenv updwtmp updwtmpx utimes utmpname utmpxname) - AC_CHECK_FUNCS(vhangup vsnprintf waitpid) -diff --git a/gssftp/ftpd/ftpd.c b/gssftp/ftpd/ftpd.c -index fe62a9c..a150819 100644 ---- a/gssftp/ftpd/ftpd.c -+++ b/gssftp/ftpd/ftpd.c -@@ -994,9 +994,14 @@ login(passwd, logincode) - #endif - } - -- (void) krb5_setegid((gid_t)pw->pw_gid); -- (void) initgroups(pw->pw_name, pw->pw_gid); -- -+ if (krb5_setegid((gid_t)pw->pw_gid) < 0) { -+ reply(550, "Can't set egid."); -+ goto bad; -+ } -+ if (geteuid() == 0 && initgroups(pw->pw_name, pw->pw_gid) < 0) { -+ reply(550, "Can't initgroups"); -+ goto bad; -+ } - /* open wtmp before chroot */ - (void) snprintf(ttyline, sizeof(ttyline), "ftp%ld", (long) getpid()); - pty_logwtmp(ttyline, pw->pw_name, rhost_sane); -diff --git a/k5-util.h b/k5-util.h -index 7bb8cfb..64cd53d 100644 ---- a/k5-util.h -+++ b/k5-util.h -@@ -69,8 +69,7 @@ - #elif defined(HAVE_SETREUID) - # define krb5_seteuid(EUID) setreuid(geteuid(), (uid_t)(EUID)) - #else -- /* You need to add a case to deal with this operating system.*/ --# define krb5_seteuid(EUID) (errno = EPERM, -1) -+# error "You need to add a case to deal with this operating system." - #endif - - #ifdef HAVE_SETEGID -@@ -80,8 +79,7 @@ - #elif defined(HAVE_SETREGID) - # define krb5_setegid(EGID) (setregid(getegid(), (gid_t)(EGID))) - #else -- /* You need to add a case to deal with this operating system.*/ --# define krb5_setegid(EGID) (errno = EPERM, -1) -+# error "You need to add a case to deal with this operating system." - #endif - - #endif diff --git a/app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.1-r1.ebuild b/app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.1-r1.ebuild deleted file mode 100644 index 732fbea1e503..000000000000 --- a/app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.1-r1.ebuild +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.1-r1.ebuild,v 1.6 2011/07/11 02:00:58 jer Exp $ - -EAPI=4 - -inherit flag-o-matic versionator autotools eutils - -MY_P=${P/mit-} -MAJOR_MINOR="$( get_version_component_range 1-2 )" -DESCRIPTION="Kerberized applications split from the main MIT Kerberos V distribution" -HOMEPAGE="http://web.mit.edu/kerberos/www/" -SRC_URI="http://web.mit.edu/kerberos/dist/krb5-appl/${MAJOR_MINOR}/${MY_P}-signed.tar" - -LICENSE="as-is" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86" -IUSE="" - -RDEPEND=">=app-crypt/mit-krb5-1.8.0" -DEPEND="${RDEPEND}" - -S=${WORKDIR}/${MY_P} - -src_unpack() { - unpack ${A} - unpack ./"${MY_P}".tar.gz -} - -src_prepare() { - epatch "${FILESDIR}/CVE-2011-1526.patch" - eautoreconf -} - -src_configure() { - append-flags "-I/usr/include/et" - append-flags -fno-strict-aliasing - append-flags -fno-strict-overflow - econf -} - -src_install() { - emake DESTDIR="${D}" install - for i in {telnetd,ftpd} ; do - mv "${D}"/usr/share/man/man8/${i}.8 "${D}"/usr/share/man/man8/k${i}.8 \ - || die "mv failed (man)" - mv "${D}"/usr/sbin/${i} "${D}"/usr/sbin/k${i} || die "mv failed" - done - - for i in {rcp,rlogin,rsh,telnet,ftp} ; do - mv "${D}"/usr/share/man/man1/${i}.1 "${D}"/usr/share/man/man1/k${i}.1 \ - || die "mv failed (man)" - mv "${D}"/usr/bin/${i} "${D}"/usr/bin/k${i} || die "mv failed" - done - - rm "${D}"/usr/share/man/man1/tmac.doc - dodoc README -} diff --git a/app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.1.ebuild b/app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.1.ebuild deleted file mode 100644 index 8704241aca3c..000000000000 --- a/app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.1.ebuild +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.1.ebuild,v 1.7 2011/04/23 18:24:42 armin76 Exp $ - -EAPI="2" - -inherit flag-o-matic versionator - -MY_P=${P/mit-} -MAJOR_MINOR="$( get_version_component_range 1-2 )" -DESCRIPTION="Kerberized applications split from the main MIT Kerberos V distribution" -HOMEPAGE="http://web.mit.edu/kerberos/www/" -SRC_URI="http://web.mit.edu/kerberos/dist/krb5-appl/${MAJOR_MINOR}/${MY_P}-signed.tar" - -LICENSE="as-is" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86" -IUSE="" - -RDEPEND=">=app-crypt/mit-krb5-1.8.0" -DEPEND="${RDEPEND}" - -S=${WORKDIR}/${MY_P} - -src_unpack() { - unpack ${A} - unpack ./"${MY_P}".tar.gz -} - -src_configure() { - append-flags "-I/usr/include/et" - econf -} - -src_compile() { - emake || die "emake failed" -} - -src_install() { - - emake DESTDIR="${D}" install || die "make install failed" - for i in {telnetd,ftpd} ; do - mv "${D}"/usr/share/man/man8/${i}.8 "${D}"/usr/share/man/man8/k${i}.8 \ - || die "mv failed (man)" - mv "${D}"/usr/sbin/${i} "${D}"/usr/sbin/k${i} || die "mv failed" - done - - for i in {rcp,rlogin,rsh,telnet,ftp} ; do - mv "${D}"/usr/share/man/man1/${i}.1 "${D}"/usr/share/man/man1/k${i}.1 \ - || die "mv failed (man)" - mv "${D}"/usr/bin/${i} "${D}"/usr/bin/k${i} || die "mv failed" - done - - rm "${D}"/usr/share/man/man1/tmac.doc - dodoc README - -} diff --git a/app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.2.ebuild b/app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.2.ebuild deleted file mode 100644 index 548fb9432a34..000000000000 --- a/app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.2.ebuild +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-crypt/mit-krb5-appl/mit-krb5-appl-1.0.2.ebuild,v 1.1 2011/07/13 10:45:22 eras Exp $ - -EAPI=4 - -inherit flag-o-matic versionator eutils - -MY_P=${P/mit-} -MAJOR_MINOR="$( get_version_component_range 1-2 )" -DESCRIPTION="Kerberized applications split from the main MIT Kerberos V distribution" -HOMEPAGE="http://web.mit.edu/kerberos/www/" -SRC_URI="http://web.mit.edu/kerberos/dist/krb5-appl/${MAJOR_MINOR}/${MY_P}-signed.tar" - -LICENSE="as-is" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" -IUSE="" - -RDEPEND=">=app-crypt/mit-krb5-1.8.0" -DEPEND="${RDEPEND}" - -S=${WORKDIR}/${MY_P} - -src_unpack() { - unpack ${A} - unpack ./"${MY_P}".tar.gz -} - -src_configure() { - append-flags "-I/usr/include/et" - append-flags -fno-strict-aliasing - append-flags -fno-strict-overflow - econf -} - -src_install() { - emake DESTDIR="${D}" install - for i in {telnetd,ftpd} ; do - mv "${D}"/usr/share/man/man8/${i}.8 "${D}"/usr/share/man/man8/k${i}.8 \ - || die "mv failed (man)" - mv "${D}"/usr/sbin/${i} "${D}"/usr/sbin/k${i} || die "mv failed" - done - - for i in {rcp,rlogin,rsh,telnet,ftp} ; do - mv "${D}"/usr/share/man/man1/${i}.1 "${D}"/usr/share/man/man1/k${i}.1 \ - || die "mv failed (man)" - mv "${D}"/usr/bin/${i} "${D}"/usr/bin/k${i} || die "mv failed" - done - - rm "${D}"/usr/share/man/man1/tmac.doc - dodoc README -} |