FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Port details
krb5-111 Authentication system developed at MIT, successor to Kerberos IV
1.11.6_2 security Deleted on this many watch lists=0 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port
Deprecated DEPRECATED: EOLed by MIT in December 2014.
Expired This port expired on: 2015-08-31
Maintainer: cy@FreeBSD.org search for ports maintained by this maintainer
Port Added: 16 Oct 2014 19:44:48
License: MIT
Kerberos V5 is an authentication system developed at MIT.  
WWW: http://web.mit.edu/kerberos/

Abridged from the User Guide:
       Under Kerberos, a client sends a request for a ticket to the 
   Key Distribution Center (KDC). The KDC creates a ticket-granting 
   ticket (TGT) for the client, encrypts it using the client's 
   password as the key, and sends the encrypted TGT back to the 
   client. The client then attempts to decrypt the TGT, using
   its password. If the client successfully decrypts the TGT, it 
   keeps the decrypted TGT, which indicates proof of the client's 
   identity. The TGT permits the client to obtain additional tickets, 
   which give permission for specific services.
       Since Kerberos negotiates authenticated, and optionally encrypted,   
   communications between two points anywhere on the internet, it
   provides a layer of security that is not dependent on which side of a
   firewall either client is on.
       The Kerberos V5 package is designed to be easy to use. Most of the  
   commands are nearly identical to UNIX network programs you are already
   used to. Kerberos V5 is a single-sign-on system, which means that you 
   have to type your password only once per session, and Kerberos does   
   the authenticating and encrypting transparently.  

Jacques Vidrine <n@nectar.com>
SVNWeb : Homepage : PortsMon : pkg-plist

No installation instructions: this port has been deleted.

The package name of this deleted port was:

PKGNAME: krb5-111

distinfo: There is no distinfo for this port.


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. gm4 : devel/m4
  2. libcrypto.so.8 : security/openssl
  3. msgfmt : devel/gettext-tools
  4. gmake : devel/gmake
  5. perl5.20.2 : lang/perl5.20
Runtime dependencies:
  1. libcrypto.so.8 : security/openssl
Library dependencies:
  1. libintl.so : devel/gettext-runtime
There are no ports dependent upon this port

Configuration Options
===> The following configuration options are available for krb5-111-1.11.6_2:
     DNS_FOR_REALM=off: Enable DNS lookups for Kerberos realm names
     KRB5_HTML=on: Install krb5 HTML documentation
     KRB5_PDF=on: Install krb5 PDF documentation
     LDAP=off: LDAP protocol support
===> Use 'make config' to modify these settings

USES:
cpe gettext gmake perl5 gssapi:bootstrap,mit

Master Sites:
  1. http://distcache.FreeBSD.org/ports-distfiles/
  2. http://web.mit.edu/kerberos/dist/krb5/1.11/
Port Moves
  • port moved to security/krb5-112 on 2015-09-15
    REASON: krb5-1.11 EOLed by MIT in December 2014
  • port moved here from security/krb5-maint on 2014-10-16
    REASON: MIT now supports two maintenance releases of which 1.11 is the older of the two

Number of commits found: 16

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
16 Sep 2015 02:31:37
Original commit files touched by this commit  1.11.6_2
Revision:397036
cy search for other commits by this committer
Expiry date has passed, retire security/krb5-111.
EOLed by MIT in December 2014.
17 Aug 2015 14:20:41
Original commit files touched by this commit  1.11.6_2
Revision:394508
mat search for other commits by this committer
Remove UNIQUENAME and LATEST_LINK.

UNIQUENAME was never unique, it was only used by USE_LDCONFIG and now,
we won't have conflicts there.

Use PKGBASE instead of LATEST_LINK in PKGLATESTFILE, the *only* consumer
is pkg-devel, and it works just fine without LATEST_LINK as pkg-devel
has the correct PKGNAME anyway.

Now that UNIQUENAME is gone, OPTIONSFILE is too. (it's been called
OPTIONS_FILE now.)

Reviewed by:	antoine, bapt
Exp-run by:	antoine
Sponsored by:	Absolight
Differential Revision:	https://reviews.freebsd.org/D3336
06 Jun 2015 20:27:21
Original commit files touched by this commit  1.11.6_2
Revision:388684
cy search for other commits by this committer
MIT KRB5 ports build unusable binaries due to incorrect linking
when build under poudriere. This commit fixes that.
20 Apr 2015 19:06:30
Original commit files touched by this commit  1.11.6_1
Revision:384380
tijl search for other commits by this committer
- Display a stage-qa warning when ports use PREFIX/var instead of /var
- Add --localstatedir=/var to _LATE_CONFIGURE_ARGS (like --mandir) but not
  when CONFIGURE_ARGS already sets it.  (GNU configure scripts set it to
  PREFIX/var when PREFIX != /usr.)
- Add --localstatedir="${PREFIX}/var" to CONFIGURE_ARGS in some ports so
  they aren't affected by this change (for now at least).  This commit is
  meant to ensure that new ports don't make the same mistake.

- games/acm: the configure script in this port is very old; instead of
  patching it more, just replace GNU_CONFIGURE with HAS_CONFIGURE.
- irc/charybdis: it already used /var but adding --localstatedir=/var
  changed the behaviour of the configure script; adjust the port to this.

PR:		199506
Exp-run by:	antoine
Approved by:	portmgr (antoine)
23 Mar 2015 19:04:24
Original commit files touched by this commit  1.11.6_1
Revision:382023
cy search for other commits by this committer
Fix build with libressl.

PR:		198749, 198750
05 Mar 2015 18:48:32
Original commit files touched by this commit  1.11.6
Revision:380545
cy search for other commits by this committer
Advertise CPE data for Kerberos.

PR:		197465, 197466, 197467
26 Feb 2015 01:20:18
Original commit files touched by this commit  1.11.6
Revision:379969
cy search for other commits by this committer
Update 1.11.5 --> 1.11.6

This is a bugfix release.  The krb5-1.11 release series has reached
the end of its maintenance period, and krb5-1.11.6 is the last planned
release in the krb5-1.11 series.  For new deployments, installers
should prefer the krb5-1.13 release series or later.
This commit deprecates this port.

* Work around a gcc optimizer bug that could cause DB2 KDC database
  operations to spin in an infinite loop

* Fix a backward compatibility problem with the LDAP KDB schema that
  could prevent krb5-1.11 and later from decoding entries created by
  krb5-1.6.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
20 Feb 2015 20:59:09
Original commit files touched by this commit  1.11.5_6
Revision:379469 This port version is marked as vulnerable.
cy search for other commits by this committer
Fix broken rpath.

Submitted by:	hrs
13 Feb 2015 20:25:24
Original commit files touched by this commit  1.11.5_5
Revision:378944 This port version is marked as vulnerable.
cy search for other commits by this committer
Backported patches for CVE-2014-5353 and CVE-2014-5354 received from MIT
for krb5-111 and krb5-112.

Obtained from:	Greg Hudson <ghudson@mit.edu>
Security:	CVE-2014-5353, CVE-2014-5354
13 Feb 2015 01:48:15
Original commit files touched by this commit  1.11.5_4
Revision:378909 This port version is marked as vulnerable.
cy search for other commits by this committer
Forbid krb5-111 and krb5-112.

Security:	CVE-2014-5353, CVE-2014-5354
Security:	VUXML: 3a888a1e-b321-11e4-83b2-206a8a720317
05 Feb 2015 03:39:14
Original commit files touched by this commit  1.11.5_4
Revision:378441 This port version is marked as vulnerable.
cy search for other commits by this committer
Correct various packaging issues:

 - Libraries are not installed stripped;
 - pkgconfig files should be installed to libdata;
 - Use of deprecated @dirrm[try]

PR:		PR/197338
Submitted by:	delphij
04 Feb 2015 20:47:05
Original commit files touched by this commit  1.11.5_4
Revision:378417 This port version is marked as vulnerable.
cy search for other commits by this committer
Address: krb5 -- Vulnerabilities in kadmind, libgssrpc,
gss_process_context_token VU#540092

CVE-2014-5352: gss_process_context_token() incorrectly frees context

CVE-2014-9421: kadmind doubly frees partial deserialization results

CVE-2014-9422: kadmind incorrectly validates server principal name

CVE-2014-9423: libgssrpc server applications leak uninitialized bytes

Security:	VUXML: 24ce5597-acab-11e4-a847-206a8a720317
Security:	MIT KRB5: VU#540092
Security:	CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
14 Dec 2014 11:44:25
Original commit files touched by this commit  1.11.5_3
Revision:374698 This port version is marked as vulnerable.
antoine search for other commits by this committer
- Remove support for EXTRACT_PRESERVE_OWNERSHIP
- Update a few comments related to extract

Differential Revision:	https://reviews.freebsd.org/D1189
With hat:	portmgr
18 Oct 2014 17:05:56
Original commit files touched by this commit  1.11.5_3
Revision:371142 This port version is marked as vulnerable.
cy search for other commits by this committer
Fix LATEST_LINK.
18 Oct 2014 10:06:58
Original commit files touched by this commit  1.11.5_3
Revision:371108 This port version is marked as vulnerable.
antoine search for other commits by this committer
Unbreak
16 Oct 2014 19:44:22
Original commit files touched by this commit  1.11.5_3
Revision:371019 This port version is marked as vulnerable.
cy search for other commits by this committer
MIT Kerberos released 1.13; 1.12 becomes a maintenance release,
1.11 remains a maintenance release.

- Update security/krb5 1.12.2 --> 1.13
- Copy the old security/krb5 1.12.2 to security/krb5-112
  (now a maintenance release supported by MIT)
- Move the old krb5-maint (1.11.5: old maintenance release) to
  security/krb5-111 (the old maintenance release still supported by MIT)

Number of commits found: 16

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
mariadb100-serverOct 19
mariadb101-serverOct 19
mariadb102-serverOct 19
mariadb55-serverOct 19
mysql55-serverOct 19
mysql56-serverOct 19
mysql57-serverOct 19
percona55-serverOct 19
percona56-serverOct 19
percona57-serverOct 19
krb5Oct 18
krb5-113Oct 18
krb5-114Oct 18
krb5-115Oct 18
linux-flashplayerOct 17

21 vulnerabilities affecting 94 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 31587
Broken 153
Deprecated 64
Ignore 422
Forbidden 0
Restricted 175
No CDROM 78
Vulnerable 61
Expired 20
Set to expire 57
Interactive 0
new 24 hours 2
new 48 hours4
new 7 days25
new fortnight38
new month98

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2017 Dan Langille. All rights reserved.