notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)

Current status

The server has been repaired, with a new power supply, for $23. I am waiting for lower COVID rates before visiting the datacenter to return it.
Port details
krb5-111 Authentication system developed at MIT, successor to Kerberos IV
1.11.6_2 security Deleted on this many watch lists=0 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 1.11.6_2Version of this port present on the latest quarterly branch.
Deprecated DEPRECATED: EOLed by MIT in December 2014.
Expired This port expired on: 2015-08-31
Maintainer: cy@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2014-10-16 19:44:48
Last Update: 2015-09-16 03:31:37
SVN Revision: 397036
License: MIT
Description:
SVNWeb : Homepage

There is no configure plist information for this port.

Dependency lines:
  • krb5-111>0:security/krb5-111
No installation instructions: this port has been deleted.
The package name of this deleted port was:
PKGNAME: krb5-111
Flavors: there is no flavor information for this port.
distinfo:
There is no distinfo for this port.
Packages: (move your mouse over the cells for more information)
No package information in database for this port.

Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Build dependencies:
  1. gm4 : devel/m4
  2. libcrypto.so.8 : security/openssl
  3. msgfmt : devel/gettext-tools
  4. gmake : devel/gmake
  5. perl5.20.2 : lang/perl5.20
Runtime dependencies:
  1. libcrypto.so.8 : security/openssl
Library dependencies:
  1. libintl.so : devel/gettext-runtime
There are no ports dependent upon this port

Configuration Options

USES:

Master Sites:
Expand this list (2 items)
    Collapse this list.
  1. http://distcache.FreeBSD.org/ports-distfiles/
  2. http://web.mit.edu/kerberos/dist/krb5/1.11/
  3. Collapse this list.
Port Moves
  • port moved to security/krb5-112 on 2015-09-15
    REASON: krb5-1.11 EOLed by MIT in December 2014
  • port moved here from security/krb5-maint on 2014-10-16
    REASON: MIT now supports two maintenance releases of which 1.11 is the older of the two

Number of commits found: 16

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
16 Sep 2015 02:31:37
Original commit files touched by this commit  1.11.6_2
Revision:397036
cy search for other commits by this committer
Expiry date has passed, retire security/krb5-111.
EOLed by MIT in December 2014.
17 Aug 2015 14:20:41
Original commit files touched by this commit  1.11.6_2
Revision:394508
mat search for other commits by this committer
Remove UNIQUENAME and LATEST_LINK.

UNIQUENAME was never unique, it was only used by USE_LDCONFIG and now,
we won't have conflicts there.

Use PKGBASE instead of LATEST_LINK in PKGLATESTFILE, the *only* consumer
is pkg-devel, and it works just fine without LATEST_LINK as pkg-devel
has the correct PKGNAME anyway.

Now that UNIQUENAME is gone, OPTIONSFILE is too. (it's been called
OPTIONS_FILE now.)

Reviewed by:	antoine, bapt
Exp-run by:	antoine
Sponsored by:	Absolight
Differential Revision:	https://reviews.freebsd.org/D3336
06 Jun 2015 20:27:21
Original commit files touched by this commit  1.11.6_2
Revision:388684
cy search for other commits by this committer
MIT KRB5 ports build unusable binaries due to incorrect linking
when build under poudriere. This commit fixes that.
20 Apr 2015 19:06:30
Original commit files touched by this commit  1.11.6_1
Revision:384380
tijl search for other commits by this committer
- Display a stage-qa warning when ports use PREFIX/var instead of /var
- Add --localstatedir=/var to _LATE_CONFIGURE_ARGS (like --mandir) but not
  when CONFIGURE_ARGS already sets it.  (GNU configure scripts set it to
  PREFIX/var when PREFIX != /usr.)
- Add --localstatedir="${PREFIX}/var" to CONFIGURE_ARGS in some ports so
  they aren't affected by this change (for now at least).  This commit is
  meant to ensure that new ports don't make the same mistake.

- games/acm: the configure script in this port is very old; instead of
  patching it more, just replace GNU_CONFIGURE with HAS_CONFIGURE.
- irc/charybdis: it already used /var but adding --localstatedir=/var
  changed the behaviour of the configure script; adjust the port to this.

PR:		199506
Exp-run by:	antoine
Approved by:	portmgr (antoine)
23 Mar 2015 19:04:24
Original commit files touched by this commit  1.11.6_1
Revision:382023
cy search for other commits by this committer
Fix build with libressl.

PR:		198749, 198750
05 Mar 2015 18:48:32
Original commit files touched by this commit  1.11.6
Revision:380545
cy search for other commits by this committer
Advertise CPE data for Kerberos.

PR:		197465, 197466, 197467
26 Feb 2015 01:20:18
Original commit files touched by this commit  1.11.6
Revision:379969
cy search for other commits by this committer
Update 1.11.5 --> 1.11.6

This is a bugfix release.  The krb5-1.11 release series has reached
the end of its maintenance period, and krb5-1.11.6 is the last planned
release in the krb5-1.11 series.  For new deployments, installers
should prefer the krb5-1.13 release series or later.
This commit deprecates this port.

* Work around a gcc optimizer bug that could cause DB2 KDC database
  operations to spin in an infinite loop

* Fix a backward compatibility problem with the LDAP KDB schema that
  could prevent krb5-1.11 and later from decoding entries created by
  krb5-1.6.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
20 Feb 2015 20:59:09
Original commit files touched by this commit  1.11.5_6
Revision:379469 This port version is marked as vulnerable.
cy search for other commits by this committer
Fix broken rpath.

Submitted by:	hrs
13 Feb 2015 20:25:24
Original commit files touched by this commit  1.11.5_5
Revision:378944 This port version is marked as vulnerable.
cy search for other commits by this committer
Backported patches for CVE-2014-5353 and CVE-2014-5354 received from MIT
for krb5-111 and krb5-112.

Obtained from:	Greg Hudson <ghudson@mit.edu>
Security:	CVE-2014-5353, CVE-2014-5354
13 Feb 2015 01:48:15
Original commit files touched by this commit  1.11.5_4
Revision:378909 This port version is marked as vulnerable.
cy search for other commits by this committer
Forbid krb5-111 and krb5-112.

Security:	CVE-2014-5353, CVE-2014-5354
Security:	VUXML: 3a888a1e-b321-11e4-83b2-206a8a720317
05 Feb 2015 03:39:14
Original commit files touched by this commit  1.11.5_4
Revision:378441 This port version is marked as vulnerable.
cy search for other commits by this committer
Correct various packaging issues:

 - Libraries are not installed stripped;
 - pkgconfig files should be installed to libdata;
 - Use of deprecated @dirrm[try]

PR:		PR/197338
Submitted by:	delphij
04 Feb 2015 20:47:05
Original commit files touched by this commit  1.11.5_4
Revision:378417 This port version is marked as vulnerable.
cy search for other commits by this committer
Address: krb5 -- Vulnerabilities in kadmind, libgssrpc,
gss_process_context_token VU#540092

CVE-2014-5352: gss_process_context_token() incorrectly frees context

CVE-2014-9421: kadmind doubly frees partial deserialization results

CVE-2014-9422: kadmind incorrectly validates server principal name

CVE-2014-9423: libgssrpc server applications leak uninitialized bytes

Security:	VUXML: 24ce5597-acab-11e4-a847-206a8a720317
Security:	MIT KRB5: VU#540092
Security:	CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
14 Dec 2014 11:44:25
Original commit files touched by this commit  1.11.5_3
Revision:374698 This port version is marked as vulnerable.
antoine search for other commits by this committer
- Remove support for EXTRACT_PRESERVE_OWNERSHIP
- Update a few comments related to extract

Differential Revision:	https://reviews.freebsd.org/D1189
With hat:	portmgr
18 Oct 2014 17:05:56
Original commit files touched by this commit  1.11.5_3
Revision:371142 This port version is marked as vulnerable.
cy search for other commits by this committer
Fix LATEST_LINK.
18 Oct 2014 10:06:58
Original commit files touched by this commit  1.11.5_3
Revision:371108 This port version is marked as vulnerable.
antoine search for other commits by this committer
Unbreak
16 Oct 2014 19:44:22
Original commit files touched by this commit  1.11.5_3
Revision:371019 This port version is marked as vulnerable.
cy search for other commits by this committer
MIT Kerberos released 1.13; 1.12 becomes a maintenance release,
1.11 remains a maintenance release.

- Update security/krb5 1.12.2 --> 1.13
- Copy the old security/krb5 1.12.2 to security/krb5-112
  (now a maintenance release supported by MIT)
- Move the old krb5-maint (1.11.5: old maintenance release) to
  security/krb5-111 (the old maintenance release still supported by MIT)

Number of commits found: 16

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
gitlab-ceMar 05
asterisk16Mar 04
asterisk18Mar 04
chromiumMar 04
jasperMar 03
py-saltMar 03
vaultFeb 27
redisFeb 23
redis-develFeb 23
redis5Feb 23
zeekFeb 22
jenkinsFeb 20
raptor2Feb 20
asterisk13Feb 18
asterisk13Feb 18

10 vulnerabilities affecting 79 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last updated:
2021-03-05 21:21:29


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 42684
Broken 75
Deprecated 166
Ignore 313
Forbidden 4
Restricted 139
No CDROM 71
Vulnerable 19
Expired 36
Set to expire 142
Interactive 0
new 24 hours 4
new 48 hours7
new 7 days30
new fortnight91
new month152

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2021 Dan Langille. All rights reserved.