| Commit History - (may be incomplete: see SVNWeb link above for full details) |
| Date | By | Description |
24 Apr 2013 18:10:32
  1.11.2
|
ak  |
- Convert USE_GETTEXT to USES (part 3)
Approved by: portmgr (bapt) |
17 Apr 2013 00:41:38
1.11.2
|
cy |
Update 1.11.1 --> 1.11.2
Major changes in 1.11.2 (2013-04-12)
====================================
This is a bugfix release.
* Incremental propagation could erroneously act as if a slave's
database were current after the slave received a full dump that
failed to load.
* gss_import_sec_context incorrectly set internal state that
identifies whether an imported context is from an interposer
mechanism or from the underlying mechanism.
Feature safe: yes |
29 Mar 2013 19:33:42
1.11.1_1
|
cs |
- Remove A/An in COMMENT
- Trim Header where applicable |
05 Mar 2013 16:10:39
1.11.1_1
|
cy |
Reset ulog if database load failed.
Avoids a slave reporting it is current when a full resync fails.
Obtained
from: https://github.com/rbasch/krb5/commit/2ef5ae0607d1c317a936e439b4be7a6f5184dc |
22 Feb 2013 20:03:17
1.11.1
|
cy |
Update 1.11 --> 1.11.1.
Security: Fix a null pointer dereference in the KDC PKINIT code [CVE-2013-1415]. |
24 Jan 2013 14:15:26
1.11
 |
cy |
Fix verto.h missing build error on some systems.
The following contributed by mandree@:
- Header standardization.
- Make use of OptionsNG.
- Make portlint happy. |
22 Jan 2013 04:03:18
1.11
|
cy |
Update 1.10.3 --> 1.11 |
04 Nov 2012 02:10:50
1.10.3_1
|
cy |
Fix plist.
Feature safe: yes |
03 Nov 2012 18:59:38
1.10.3
|
cy |
Update krb5 1.9.2 --> 1.10.3
Feature safe: yes |
09 Jul 2012 19:20:09
1.9.2_3
|
cy |
Fix build of security/krb5 with clang.
PR: 169740
Submitted by: Niclas Zeising <zeising@daemonic.se> |
01 Jun 2012 05:26:28
1.9.2_3
|
dinoex |
- update png to 1.5.10 |
06 Apr 2012 07:41:20
1.9.2_2
|
pav |
- pointyhat kludge - tetex drags in port-OpenSSL on 7.X, but only as a build
dependency. Yet this triggers autodetection code in bsd.openssl.mk and
OpenSSL dependency is registered with the resulting package, creating a
discord between INDEX and actual package. Work around by explicitly recording
the dependency in a way that INDEX build will see.
OK'ed by: cy (maintainer)
Feature safe: yes |
14 Dec 2011 04:33:23
1.9.2_1
|
cy |
PORTREVISION bump.
PR: 163272
Feature safe: yes |
14 Dec 2011 04:31:22
1.9.2
|
cy |
Apply patch for MITKRB5-SA-2011-007, KDC null pointer dereference in TGS
handling.
PR: 163272
Submitted by: zi
Security: 6c7d9a35-2608-11e1-89b4-001ec9578670
Feature safe: yes |
16 Nov 2011 20:38:49
1.9.2
|
cy |
Update 1.9.1 --> 1.9.2. This is a bugfix release.
Feature safe: yes |
06 Sep 2011 15:55:36
1.9.1_1
|
cy |
Apply patch from MIT KRB5 GIT tree commit: 043533c2f13d2bc69316.
libgssrpc was ignorant of the remote address of the kadmin socket,
even when it's IPv4. This made old-style GSSAPI authentication fail
because it uses the wrong channel bindings. Fix this problem by making
clnttcp_create() get the remote address from the socket using getpeername()
if the caller doesn't provide it and it's an IPv4 address.
PR: 160500
Submitted by: Ben Kaduk <kaduk@mit.edu> |
30 Jun 2011 04:03:11
1.9.1
|
cy |
Update 1.9 --> 1.9.1.
PR: 158520
Submitted by: Ryan Steinmetz <rpsfa@rit.edu> |
14 Apr 2011 00:39:26
1.9_5
|
cy |
Apply patch for MITKRB5-SA-2011-004, kadmind invalid pointer free()
[CVE-2011-0285]
Security: MITKRB5-SA-2011-004, CVE-2011-0285
Feature safe: yes |
08 Apr 2011 21:03:14
1.9_4
|
cy |
Bump PORTREVISION. |
08 Apr 2011 21:02:41
1.9_3
|
cy |
Adjust krb5-config when $KRB5_HOME is specified. This will allow applications
linking aganst the MIT krb5 libraries to link using the correct ones. |
25 Mar 2011 00:19:02
1.9_3
|
cy |
Apply patch for MITKRB5-SA-2011-003, KDC vulnerable to double-free when
PKINIT enabled.
Obtained from: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-003.txt
Security: MITKRB5-SA-2011-003, CVE-2011-0284
Feature safe: yes |
11 Feb 2011 01:04:09
1.9_2
|
cy |
Apply fixes for kpropd denial of service (MITKRB5-SA-2011-001) and KDC
denial of service (MITKRB5-SA-2011-002).
Security: MITKRB5-SA-2011-001 (CVE-2010-4022),
MITKRB5-SA-2011-002 (CVE-2011-0281) |
18 Jan 2011 15:06:25
1.9_1
|
cy |
Remove the OpenSSL port requirement. The base OpenSSL will work too.
Feature safe: yes |
23 Dec 2010 01:04:41
1.9
|
cy |
Update from 1.8.3_2 to 1.9. |
04 Dec 2010 07:34:27
1.8.3_2
|
ade |
Sync to new bsd.autotools.mk |
02 Dec 2010 02:09:23
1.8.3_2
|
cy |
Fix security vulnerabilities CVE-2010-1324, CVE-2010-1323, CVE-2010-4020,
CVE-2010-4021, and CVE-2010-1322.
PR: 152755
Submitted by: wollman
Security: CVE-2010-1324, CVE-2010-1323, CVE-2010-4020, CVE-2010-4021,
and CVE-2010-1322.
Feature safe: Yes |
04 Nov 2010 04:37:36
1.8.3_1
|
cy |
Enable ksu DEBUG (-D) flag. |
05 Aug 2010 22:37:11
1.8.3
|
cy |
Update to 1.8.3.
PR: 149299
Submitted by: gwollman |
25 May 2010 05:14:16
1.8.1_1
|
cy |
Apply patch for MIT KRB5 security vulnerability MITKRB5-SA-2010-005.
PR: 146939
Submitted by: wollman
Security: MIT krb5 Security Advisory 2010-005 |
24 May 2010 00:01:05
1.8.1
|
pgollucci |
- No longer broken on -current b/c of utmpx changes
PR: ports/146384
Submitted by: pgollucci@ (myself), others
Approved by: maintainer timeout (cy@, 16 days) |
26 Apr 2010 03:48:43
1.8.1
|
cy |
Welcome the new krb5-1.8.1. Significant changes include the removal of
the MIT KRB5 applications (now in a separate tarball and port). |
26 Apr 2010 03:23:08
1.7_2
|
cy |
MFkrb5-17. |
14 Apr 2010 20:21:10
1.6.3_9
|
pav |
- Mark BROKEN: does not compile
Reported by: pointyhat |
28 Mar 2010 06:47:48
1.6.3_9
|
dinoex |
- update to 1.4.1
Reviewed by: exp8 run on pointyhat
Supported by: miwi |
17 Mar 2010 06:48:40
1.6.3_8
|
miwi |
- Mark BROKEN: fails to build with new utmpx
Reported by: pointyhat |
05 Feb 2010 11:46:55
1.6.3_8
|
dinoex |
- update to jpeg-8 |
13 Oct 2009 21:37:19
1.6.3_7
|
cy |
Remove commented out option from a bygone era. |
28 Aug 2009 20:02:01
1.6.3_7
|
cy |
Remove redundant length check. |
02 Aug 2009 19:36:34
1.6.3_6
|
mezz |
-Repocopy devel/libtool15 -> libtool22 and libltdl15 -> libltdl22.
-Update libtool and libltdl to 2.2.6a.
-Remove devel/libtool15 and devel/libltdl15.
-Fix ports build with libtool22/libltdl22.
-Bump ports that depend on libltdl22 due to shared library version change.
-Explain what to do update in the UPDATING.
It has been tested with GNOME2, XFCE4, KDE3, KDE4 and other many wm/desktop
and applications in the runtime.
With help: marcus and kwm
Pointyhat-exp: a few times by pav
Tested by: pgollucci, "Romain Tartière" <romain@blogreen.org>, and
a few MarcusCom CVS users. Also, I might have missed a few.
Repocopy by: marcus
Approved by: portmgr |
31 Jul 2009 13:57:52
1.6.3_6
|
dinoex |
- bump all port that indirectly depends on libjpeg and have not yet been bumped
or updated
Requested by: edwin |
23 May 2008 21:01:58
1.6.3_5
|
cy |
Convert missing WANT_KRB5_DOC pieces.
Add HTML documentation OPTION knob. |
14 May 2008 23:06:14
1.6.3_5
|
cy |
Implement OPTIONS menu.
Implement options that will allow the user to:
- rename ftp and ftpd to kftp and kftpd
- rename telnet and telnetd to ktelnet and ktelnetd
- rename rlogin to krlogin
- rename rsh to krsh
- rename rcp to krcp
This avoids shadowing by or being shadowed by, depending on one's PATH,
system utilities of the same name. |
19 Mar 2008 19:26:53
1.6.3_5
|
cy |
Fixes for multiple vulnerabilities.
Security: US-CERT Technical Cyber Security Alert TA08-079B --
MIT Kerberos Updates for Multiple Vulnerabilities
US-CERT Vulnerability Note VU#895609,
US-CERT Vulnerability Note VU#374121
MIT krb5 Security Advisory 2008-001
MIT krb5 Security Advisory 2008-002 |
06 Jan 2008 14:53:30
1.6.3_4
|
cy |
Fix pkinit install brokenness under 5.5 and 6.2.
Approved by: portmgr (linimon) |
24 Nov 2007 23:14:35
1.6.3_3
|
linimon |
Mark as broken: fails to install.
Approved by: portmgr (self) |
29 Oct 2007 23:23:27
1.6.3_3
|
cy |
Fix build for OpenSSL 0.9.8.
PR: 117552
Submitted by: Hirohisa Yamaguchi <umq@umo.co.jp> |
29 Oct 2007 22:49:49
1.6.3_2
|
cy |
Fix build under 7.0-PRERELEASE. |
25 Oct 2007 21:15:23
1.6.3_1
|
cy |
Fix erroneous patch.
PR: 117469
Submitted by: Karen Andrews <dearmiss@optusnet.com.au> |
23 Oct 2007 03:41:37
1.6.3
|
cy |
Update 1.6.2 --> 1.6.3
Security: fix CVE-2007-3999, CVE-2007-4743 svc_auth_gss.c buffer overflow
fix CVE-2007-4000 modify_policy vulnerability
Also: add PKINIT support |
11 Sep 2007 23:52:19
1.6.2_1
|
cy |
Patch for MIT krb5 Security Advisory 2007-006 - kadmind RPC lib buffer
overflow, uninitialized pointer
Security: MIT krb5 Security Advisory 2007-006 |
11 Jul 2007 16:51:31
1.6.2
|
cy |
Update 1.6.1 --> 1.6.2 |
26 Jun 2007 23:01:44
1.6.1_2
|
cy |
Patches for:
MITKRB5-SA-2007-004: kadmind affected by multiple RPC library vulnerabilities
MITKRB5-SA-2007-005: kadmind vulnerable to buffer overflow
Security: US CERT Technical Cyber Security Alert TA07-177A --
MIT Kerberos Vulnerabilities |
19 May 2007 20:32:57
1.6.1_1
|
flz |
- Welcome X.org 7.2 \o/.
- Set X11BASE to ${LOCALBASE} for recent ${OSVERSION}.
- Bump PORTREVISION for ports intalling files in ${X11BASE}. |
02 May 2007 21:17:33
1.6.1
|
cy |
Remove defunct (zero length) patch files.
Pointy hat to: yours truly |
23 Apr 2007 22:10:09
1.6.1
|
cy |
Update from 1.6 to 1.6.1. |
04 Apr 2007 21:12:17
1.6_2
|
cy |
MIT KRB5 Security patches:
1. MIT krb5 Security Advisory 2007-001: Telnetd allows login as arbitrary user
CVE: CVE-2007-0956
CERT: VU#220816
2. MIT krb5 Security Advisory 2007-002: KDC, kadmind stack overflow in
krb5_klog_syslog
CVE: CVE-2007-0957
CERT: VU#704024 |
04 Apr 2007 01:40:12
1.6_1
|
cy |
Fix double-free vulnerability in kadmind (via GSS-API library).
Obtained from: MIT krb5 Security Advisory 2007-003
Security: US-CERT Technical Cyber Security Alert TA07-093B -- MIT Kerberos
Vulnerabilities |
28 Mar 2007 17:32:00
1.6
|
pav |
- Fix after objformat removal
Reported by: pointyhat |
30 Jan 2007 10:25:34
1.6
|
pav |
- Remove support for a.out format and PORTOBJFORMAT variable from individual
ports
With hat: portmgr |
15 Jan 2007 03:08:17
1.6
|
cy |
Change a dependency from teTeX-base to the smaller texinfo. |
14 Jan 2007 05:13:32
1.6
|
cy |
Include new documentation dependencies.
Conditionally build and install documentation using a new knob. |
10 Jan 2007 05:06:46
1.6
|
cy |
Update 1.5.1 --> 1.6
Security: MITKRB5-SA-2006-002, MITKRB5-SA-2006-003, and
US-CERT Technical Cyber Security Alert TA07-009B |
14 Nov 2006 02:06:07
1.5.1_1
|
laszlof |
Register conflicts for srp in security/heimdal, security/krb4, and
securiry/krb5.
Bump PORTREVISION accordingly.
PR: ports/105442
Submitted by: Ruben van Staveren <ruben@verweg.com>
Reviewed by: shaun@, cy@
Approved by: flz (mentor) |
17 Sep 2006 00:48:42
1.5.1
|
cy |
Update krb5-1.5 --> krb5-1.5.1
Submitted by: Paul Vixie <paul@vix.com> |
16 Jul 2006 17:49:46
1.5_1
|
cy |
Cause the KDC to also listen on the loopback interface. This is useful
for situations when the database is replicated to a secure environment
that does not have network access, by hand. |
16 Jul 2006 16:15:09
1.5
|
cy |
Fix plugin loader. This fixes krb5kdc and kdb5_util. |
14 Jul 2006 18:37:11
1.5
|
cy |
Update 1.4.3 --> 1.5 |
13 May 2006 04:15:53
1.4.3
|
edwin |
Remove USE_REINPLACE from all categories starting with S |
23 Feb 2006 10:40:45
1.4.3
|
ade |
Conversion to a single libtool environment.
Approved by: portmgr (kris) |
24 Jan 2006 01:03:33
1.4.3
|
edwin |
SHA256ify
Approved by: krion@ |
05 Dec 2005 02:34:07
1.4.3
|
edwin |
Remove install-info from Makefile, it's automatically done when INFO is defined |
04 Dec 2005 10:58:19
1.4.3
|
edwin |
Add INFO macro |
25 Nov 2005 19:40:48
1.4.3
|
cy |
Improve runtime performance on Sparc 64 platform. |
23 Nov 2005 21:57:18
1.4.3
|
cy |
Fix the Sparc 64 build. |
22 Nov 2005 22:01:58
1.4.3
|
cy |
Flag Sparc64 build as broken. |
18 Nov 2005 00:38:05
1.4.3
|
cy |
Update 1.4.2 --> 1.4.3 |
15 Nov 2005 06:52:12
1.4.2_2
|
ade |
Mass-conversion to the USE_AUTOTOOLS New World Order. The code present
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.
Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.
Preliminary documentation can be found at:
http://people.FreeBSD.org/~ade/autotools.txt
which is in the process of being SGMLized before introduction into the
Porters Handbook.
Light blue touch-paper. Run. |
08 Nov 2005 18:51:23
1.4.2_2
|
cy |
Fix FreeBSD-4.11 build problem
PR: 87888 |
01 Nov 2005 04:01:11
1.4.2_1
|
cy |
Fix makeinfo problem under FreeBSD-6.0. |
31 Oct 2005 21:39:16
1.4.2
|
cy |
Makeinfo 4.8 problem. |
29 Oct 2005 18:45:28
1.4.2
|
cy |
Relocate BROKEN conditional. |
29 Oct 2005 17:34:32
1.4.2
|
cy |
Fails to build on 4.11. |
28 Oct 2005 05:59:16
1.4.2
|
kris |
BROKEN: Does not build |
08 Oct 2005 19:57:44
1.4.2
|
pav |
- Set CONFLICTS with heimdal and krb4
- Portlint
PR: ports/85027
Submitted by: lofi
Approved by: maintainer timeout (cy, 7 weeks) |
04 Oct 2005 22:09:08
1.4.2
|
cy |
Update 1.4.1 --> 1.4.2 |
12 Jul 2005 21:29:27
1.4.1_1
|
cy |
Fix:
- MIT KRB5 Security Advisory 2005-002: Buffer overflow, heap corruption in KDC
- MIT KRB5 Security Advisory 2005-003: Double free in krb5_recvauth |
23 Apr 2005 01:49:07
1.4.1
|
cy |
Update 1.4 --> 1.4.1.
Package list fixup when KRB5_KRB4_COMPAT is not specified. |
19 Apr 2005 21:14:37
1.4
|
cy |
Packing list fixups.
Noticed by: kris
Pointy hat to: yours truly |
13 Apr 2005 23:24:48
1.4
|
cy |
Remove NDEBUG flag as it fails to build at some installations. |
13 Apr 2005 03:09:14
1.4
|
cy |
Update web page URL. |
13 Apr 2005 03:05:17
1.4
|
cy |
Update 1.3.6 --> 1.4 |
31 Mar 2005 18:46:44
1.3.6_1
|
cy |
Implement a fix for MITKRB5-SA-2005-001: buffer overflows in telnet client.
Approved by: portsmgr (krion)
Obtained from: Tom Yu <tlyu@mit.edu> on kerberos-announce |
21 Dec 2004 01:38:02
1.3.6
|
cy |
Update 1.3.5 --> 1.3.6 |
21 Dec 2004 00:24:18
1.3.5
|
cy |
Crypto-publish.org no longer maintains a current release of MIT-KRB5.
Remove code to alternatively fetch from that site. |
20 Oct 2004 20:20:06
1.3.5
|
cy |
Update 1.3.4 --> 1.3.5 |
01 Sep 2004 19:55:26
1.3.4_2
|
cy |
Fix MIT krb5 Security Advisory 2004-002: double-free vulnerabilities
in KDC and libraries
Heads-up by: nectar |
01 Sep 2004 15:01:20
1.3.4_1
|
cy |
Fix MITKRB5-SA-2004-003: ASN.1 decoder denial-of-service.
Heads-up by: nectar |
11 Jun 2004 23:08:57
1.3.4
|
cy |
Update KRB5 1.3.3 --> 1.3.4 |
04 Jun 2004 16:37:32
1.3.3_2
|
cy |
Updated patch for MITKRB5-SA-2004-001: krb5_aname_to_localname buffer overrun.
Obtained from: Tom Yu <tlyu@mit.edu> on BUGTRAQ |
02 Jun 2004 19:08:34
1.3.3_1
|
cy |
Fix MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname
Obtained from: Tom Yu <tlyu@MIT.EDU> on kerberos-announce list |
If you buy from Amazon USA, please support us by using this link.
