notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
All times are UTC
Ukraine
We just patched an SQL injection. There is no evidence it was exploited. That doesn’t mean it wasn’t. Please change your password. You might want to hold off on that change. We have a few more to fix.
Port details
krb5-120 MIT implementation of RFC 4120 network authentication service
1.20.1 security on this many watch lists=0 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout Version of this port present on the latest quarterly branch.
Maintainer: cy@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2022-05-27 13:48:19
Last Update: 2023-02-08 10:53:56
Commit Hash: 6e1233b
License: MIT
Description:
Homepage    cgit ¦ Codeberg ¦ GitHub ¦ GitLab ¦ SVNWeb - no subversion history for this port
pkg-plist: as obtained via: make generate-plist
Expand this list (184 items)
Collapse this list.
  1. @ldconfig
  2. /usr/local/share/licenses/krb5-120-1.20.1/catalog.mk
  3. /usr/local/share/licenses/krb5-120-1.20.1/LICENSE
  4. /usr/local/share/licenses/krb5-120-1.20.1/MIT
  5. bin/compile_et
  6. bin/gss-client
  7. bin/k5srvutil
  8. bin/kadmin
  9. bin/kdestroy
  10. bin/kinit
  11. bin/klist
  12. bin/kpasswd
  13. bin/krb5-config
  14. @mode 04755
  15. @owner root
  16. @group wheel
  17. bin/ksu
  18. @mode
  19. @owner root
  20. @group wheel
  21. bin/kswitch
  22. bin/ktutil
  23. bin/kvno
  24. bin/sclient
  25. bin/sim_client
  26. bin/uuclient
  27. include/com_err.h
  28. include/gssapi.h
  29. include/gssapi/gssapi.h
  30. include/gssapi/gssapi_alloc.h
  31. include/gssapi/gssapi_ext.h
  32. include/gssapi/gssapi_generic.h
  33. include/gssapi/gssapi_krb5.h
  34. include/gssapi/mechglue.h
  35. include/gssrpc/auth.h
  36. include/gssrpc/auth_gss.h
  37. include/gssrpc/auth_gssapi.h
  38. include/gssrpc/auth_unix.h
  39. include/gssrpc/clnt.h
  40. include/gssrpc/netdb.h
  41. include/gssrpc/pmap_clnt.h
  42. include/gssrpc/pmap_prot.h
  43. include/gssrpc/pmap_rmt.h
  44. include/gssrpc/rename.h
  45. include/gssrpc/rpc.h
  46. include/gssrpc/rpc_msg.h
  47. include/gssrpc/svc.h
  48. include/gssrpc/svc_auth.h
  49. include/gssrpc/types.h
  50. include/gssrpc/xdr.h
  51. include/krad.h
  52. include/krb5.h
  53. include/krb5/ccselect_plugin.h
  54. include/krb5/clpreauth_plugin.h
  55. include/krb5/hostrealm_plugin.h
  56. include/krb5/kadm5_hook_plugin.h
  57. include/krb5/kdcpolicy_plugin.h
  58. include/krb5/kdcpreauth_plugin.h
  59. include/krb5/localauth_plugin.h
  60. include/krb5/krb5.h
  61. include/krb5/locate_plugin.h
  62. include/krb5/plugin.h
  63. include/krb5/pwqual_plugin.h
  64. include/kadm5/admin.h
  65. include/kadm5/chpass_util_strings.h
  66. include/krb5/kadm5_auth_plugin.h
  67. include/kadm5/kadm_err.h
  68. include/kdb.h
  69. include/krb5/certauth_plugin.h
  70. include/krb5/preauth_plugin.h
  71. include/profile.h
  72. include/verto-module.h
  73. include/verto.h
  74. lib/libcom_err.so
  75. lib/libcom_err.so.3
  76. lib/libcom_err.so.3.0
  77. lib/libgssapi_krb5.so
  78. lib/libgssapi_krb5.so.2
  79. lib/libgssapi_krb5.so.2.2
  80. lib/libgssrpc.so
  81. lib/libgssrpc.so.4
  82. lib/libgssrpc.so.4.2
  83. lib/libk5crypto.so
  84. lib/libk5crypto.so.3
  85. lib/libk5crypto.so.3.1
  86. lib/libkadm5clnt.so
  87. lib/libkadm5clnt_mit.so
  88. lib/libkadm5clnt_mit.so.12
  89. lib/libkadm5clnt_mit.so.12.0
  90. lib/libkadm5srv.so
  91. lib/libkadm5srv_mit.so
  92. lib/libkadm5srv_mit.so.12
  93. lib/libkadm5srv_mit.so.12.0
  94. lib/libkdb5.so
  95. lib/libkdb5.so.10
  96. lib/libkdb5.so.10.0
  97. lib/libkrb5.so
  98. lib/libkrb5.so.3
  99. lib/libkrb5.so.3.3
  100. lib/libkrb5support.so
  101. lib/libkrb5support.so.0
  102. lib/libkrb5support.so.0.1
  103. lib/krb5/plugins/kdb/db2.so
  104. @comment lib/krb5/plugins/kdb/klmdb.so
  105. lib/krb5/plugins/tls/k5tls.so
  106. @comment lib/krb5/plugins/kdb/kldap.so
  107. lib/krb5/plugins/preauth/otp.so
  108. lib/krb5/plugins/preauth/pkinit.so
  109. lib/krb5/plugins/preauth/spake.so
  110. lib/krb5/plugins/preauth/test.so
  111. @comment lib/libkdb_ldap.so
  112. @comment lib/libkdb_ldap.so.1
  113. @comment lib/libkdb_ldap.so.1.0
  114. lib/libkrad.so
  115. lib/libkrad.so.0
  116. lib/libkrad.so.0.0
  117. lib/libverto.so
  118. lib/libverto.so.0
  119. lib/libverto.so.0.0
  120. libdata/pkgconfig/gssrpc.pc
  121. libdata/pkgconfig/kadm-client.pc
  122. libdata/pkgconfig/kadm-server.pc
  123. libdata/pkgconfig/kdb.pc
  124. libdata/pkgconfig/krb5-gssapi.pc
  125. libdata/pkgconfig/krb5.pc
  126. libdata/pkgconfig/mit-krb5-gssapi.pc
  127. libdata/pkgconfig/mit-krb5.pc
  128. man/man1/compile_et.1.gz
  129. man/man1/k5srvutil.1.gz
  130. man/man1/kadmin.1.gz
  131. man/man1/kdestroy.1.gz
  132. man/man1/kinit.1.gz
  133. man/man1/klist.1.gz
  134. man/man1/kpasswd.1.gz
  135. man/man1/krb5-config.1.gz
  136. man/man1/ksu.1.gz
  137. man/man1/kswitch.1.gz
  138. man/man1/ktutil.1.gz
  139. man/man1/kvno.1.gz
  140. man/man1/sclient.1.gz
  141. man/man5/.k5identity.5.gz
  142. man/man5/.k5login.5.gz
  143. man/man5/k5identity.5.gz
  144. man/man5/k5login.5.gz
  145. man/man5/kadm5.acl.5.gz
  146. man/man5/kdc.conf.5.gz
  147. man/man5/krb5.conf.5.gz
  148. man/man7/kerberos.7.gz
  149. man/man8/kadmin.local.8.gz
  150. man/man8/kadmind.8.gz
  151. man/man8/kdb5_ldap_util.8.gz
  152. man/man8/kdb5_util.8.gz
  153. man/man8/kprop.8.gz
  154. man/man8/kpropd.8.gz
  155. man/man8/kproplog.8.gz
  156. man/man8/krb5kdc.8.gz
  157. man/man8/sserver.8.gz
  158. sbin/gss-server
  159. sbin/kadmin.local
  160. sbin/kadmind
  161. @comment sbin/kdb5_ldap_util
  162. sbin/kdc
  163. sbin/kdb5_util
  164. sbin/kprop
  165. sbin/kpropd
  166. sbin/kproplog
  167. sbin/krb5-send-pr
  168. sbin/krb5kdc
  169. sbin/sim_server
  170. sbin/sserver
  171. sbin/uuserver
  172. share/et/et_c.awk
  173. share/et/et_h.awk
  174. share/locale/de/LC_MESSAGES/mit-krb5.mo
  175. share/locale/en_US/LC_MESSAGES/mit-krb5.mo
  176. @comment share/krb5/kerberos.schema
  177. @comment share/krb5/kerberos.ldif
  178. @dir lib/krb5/plugins/authdata
  179. @dir lib/krb5/plugins/libkrb5
  180. @dir var/run/krb5kdc
  181. @dir var/krb5kdc
  182. @owner
  183. @group
  184. @mode
Collapse this list.
Dependency lines:
  • krb5-120>0:security/krb5-120
Conflicts:
CONFLICTS:
  • heimdal
  • krb5
  • krb5-11*
CONFLICTS_BUILD:
  • boringssl
Conflicts Matches:
There are no Conflicts Matches for this port. This is usually an error.
To install the port:
cd /usr/ports/security/krb5-120/ && make install clean
To add the package, run one of these commands:
  • pkg install security/krb5-120
  • pkg install krb5-120
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: krb5-120
Flavors: there is no flavor information for this port.
distinfo:

Packages (timestamps in pop-ups are UTC):
krb5-120
ABIlatestquarterly
FreeBSD:11:aarch64pkg-falloutpkg-fallout
FreeBSD:11:amd64pkg-falloutpkg-fallout
FreeBSD:11:armv6pkg-falloutpkg-fallout
FreeBSD:11:i386pkg-falloutpkg-fallout
FreeBSD:11:mipspkg-falloutpkg-fallout
FreeBSD:11:mips64pkg-falloutpkg-fallout
FreeBSD:12:aarch64pkg-fallout1.20.1
FreeBSD:12:amd641.20.11.20.1
FreeBSD:12:armv6pkg-falloutpkg-fallout
FreeBSD:12:armv7pkg-falloutpkg-fallout
FreeBSD:12:i3861.20.11.20.1
FreeBSD:12:mipspkg-falloutpkg-fallout
FreeBSD:12:mips64pkg-falloutpkg-fallout
FreeBSD:12:powerpc64pkg-falloutpkg-fallout
FreeBSD:13:aarch641.20.11.20.1
FreeBSD:13:amd641.20.11.20.1
FreeBSD:13:armv6pkg-fallout1.20
FreeBSD:13:armv71.20.11.20.1
FreeBSD:13:i3861.20.11.20.1
FreeBSD:13:mipspkg-falloutpkg-fallout
FreeBSD:13:mips64pkg-falloutpkg-fallout
FreeBSD:13:powerpc64pkg-fallout1.20.1
FreeBSD:13:riscv64pkg-fallout1.20
FreeBSD:14:aarch641.20.1pkg-fallout
FreeBSD:14:amd641.20.1pkg-fallout
FreeBSD:14:armv61.20.1pkg-fallout
FreeBSD:14:armv71.20.1pkg-fallout
FreeBSD:14:i3861.20.1pkg-fallout
FreeBSD:14:mipspkg-falloutpkg-fallout
FreeBSD:14:mips64pkg-falloutpkg-fallout
FreeBSD:14:powerpc641.20.1pkg-fallout
FreeBSD:14:riscv64pkg-falloutpkg-fallout
 
Slave ports:
  1. security/krb5
Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Build dependencies:
  1. gmake>=4.3 : devel/gmake
  2. libtool : devel/libtool
  3. pkgconf>=1.3.0_1 : devel/pkgconf
  4. msgfmt : devel/gettext-tools
  5. perl5>=5.32.r0<5.33 : lang/perl5.32
Library dependencies:
  1. libintl.so : devel/gettext-runtime
  2. libreadline.so.8 : devel/readline
There are no ports dependent upon this port

Configuration Options:
Options name:
USES:
FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. http://web.mit.edu/kerberos/dist/krb5/1.20/
Collapse this list.

Number of commits found: 10

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
CommitCreditsLog message
1.20.1
08 Feb 2023 10:53:56
commit hash:6e1233be229212a0496f42d611bd40f3e3a628dacommit hash:6e1233be229212a0496f42d611bd40f3e3a628dacommit hash:6e1233be229212a0496f42d611bd40f3e3a628dacommit hash:6e1233be229212a0496f42d611bd40f3e3a628da files touched by this commit
Muhammad Moinur Rahman (bofh) search for other commits by this committer
Mk/**ldap.mk: Convert USE_LDAP to USES=ldap

Convert the USE_LDAP=yes to USES=ldap and adds the following features:

- Adds the argument USES=ldap:server to add openldap2{4|5|6}-server as
  RUN_DEPENDS
- Adds the argument USES=ldap<version> and replaces WANT_OPENLDAP_VER
- Adds OPENLDAP versions in bsd.default-versions.mk
- Adds USE_OPENLDAP/WANT_OPENLDAP_VER in Mk/bsd.sanity.mk
- Changes consumers to use the features

Reviewed by:	delphij
Approved by:	portmgr
Differential Revision: https://reviews.freebsd.org/D38233
1.20.1
15 Nov 2022 17:19:00
commit hash:abcf942f2ba44a1f333ce3daa2b8961202351a09commit hash:abcf942f2ba44a1f333ce3daa2b8961202351a09commit hash:abcf942f2ba44a1f333ce3daa2b8961202351a09commit hash:abcf942f2ba44a1f333ce3daa2b8961202351a09 files touched by this commit
Cy Schubert (cy) search for other commits by this committer
security/krb5-120: Update to 1.20.1

MFH:		2022Q4
Security:	CVE-2022-42898
1.20_1
15 Nov 2022 16:37:02
commit hash:de40003bfd697e98cdd342e253699e83e1040961commit hash:de40003bfd697e98cdd342e253699e83e1040961commit hash:de40003bfd697e98cdd342e253699e83e1040961commit hash:de40003bfd697e98cdd342e253699e83e1040961 files touched by this commit
Cy Schubert (cy) search for other commits by this committer
security/krb5-*: Address CVE-2022-42898

Topic: Vulnerabilities in PAC parsing

CVE-2022-42898: integer overflow vulnerabilities in PAC parsing

SUMMARY
=======

Three integer overflow vulnerabilities have been discovered in the MIT
krb5 library function krb5_parse_pac().

IMPACT
======
(Only the first 15 lines of the commit message are shown above View all of this commit message)
1.20
30 Oct 2022 15:43:23
commit hash:5a84f8764063d95a1f6f2965785fd9b7effbb40fcommit hash:5a84f8764063d95a1f6f2965785fd9b7effbb40fcommit hash:5a84f8764063d95a1f6f2965785fd9b7effbb40fcommit hash:5a84f8764063d95a1f6f2965785fd9b7effbb40f files touched by this commit This port version is marked as vulnerable.
Felix Palmen (zirias) search for other commits by this committer
security/krb5-120: Fix build with libressl 3.5

Approved by:		cy (maintainer), tcberner (mentor)
Differential Revision:	https://reviews.freebsd.org/D37046
1.20
09 Sep 2022 15:19:05
commit hash:096a9baeef9f45bd2ae0e963585bdab9f31a3864commit hash:096a9baeef9f45bd2ae0e963585bdab9f31a3864commit hash:096a9baeef9f45bd2ae0e963585bdab9f31a3864commit hash:096a9baeef9f45bd2ae0e963585bdab9f31a3864 files touched by this commit This port version is marked as vulnerable.
Cy Schubert (cy) search for other commits by this committer
security/krb5-*: Bring CONFLICTS up to current status

Clean up CONFLICTS bitrot.

MFH:		2022Q3
1.20
08 Sep 2022 15:46:38
commit hash:ade2a047e0eb835f7f42682496614cfd259757eacommit hash:ade2a047e0eb835f7f42682496614cfd259757eacommit hash:ade2a047e0eb835f7f42682496614cfd259757eacommit hash:ade2a047e0eb835f7f42682496614cfd259757ea files touched by this commit This port version is marked as vulnerable.
Stefan Eßer (se) search for other commits by this committer
Remove WWW lines that have been moved into Makefiles

Approved by:	portmgr (implicit)
1.20
08 Sep 2022 15:43:21
commit hash:986beaaabc71b9e7e29e7e89e0f36405b687216fcommit hash:986beaaabc71b9e7e29e7e89e0f36405b687216fcommit hash:986beaaabc71b9e7e29e7e89e0f36405b687216fcommit hash:986beaaabc71b9e7e29e7e89e0f36405b687216f files touched by this commit This port version is marked as vulnerable.
Stefan Eßer (se) search for other commits by this committer
Move more WWW entries from pkg-descr files into Makefiles

The WWW: lines in the pkg-descr files of these ports where not at the
end of those files and have been missed in prior conversion runs.

Approved by:	portmgr (implicit)
1.20
20 Jul 2022 14:22:56
commit hash:857c05f8674c5f4c990f49f9d0fb7034ebd340fecommit hash:857c05f8674c5f4c990f49f9d0fb7034ebd340fecommit hash:857c05f8674c5f4c990f49f9d0fb7034ebd340fecommit hash:857c05f8674c5f4c990f49f9d0fb7034ebd340fe files touched by this commit This port version is marked as vulnerable.
Tobias C. Berner (tcberner) search for other commits by this committer
security: remove 'Created by' lines

A big Thank You to the original contributors of these ports:

  *  <ports@c0decafe.net>
  *  Aaron Dalton <aaron@FreeBSD.org>
  *  Adam Weinberger <adamw@FreeBSD.org>
  *  Ade Lovett <ade@FreeBSD.org>
  *  Aldis Berjoza <aldis@bsdroot.lv>
  *  Alex Dupre <ale@FreeBSD.org>
  *  Alex Kapranoff <kappa@rambler-co.ru>
  *  Alex Samorukov <samm@freebsd.org>
  *  Alexander Botero-Lowry <alex@foxybanana.com>
  *  Alexander Kriventsov <avk@vl.ru>
  *  Alexander Leidinger <netchild@FreeBSD.org>
(Only the first 15 lines of the commit message are shown above View all of this commit message)
1.20
16 Jun 2022 19:49:54
commit hash:5fce6afe2a3016cb8893bf52344410eb4e13278bcommit hash:5fce6afe2a3016cb8893bf52344410eb4e13278bcommit hash:5fce6afe2a3016cb8893bf52344410eb4e13278bcommit hash:5fce6afe2a3016cb8893bf52344410eb4e13278b files touched by this commit This port version is marked as vulnerable.
Cy Schubert (cy) search for other commits by this committer
security/krb5-120: MIT KRB5 1.20 does not support LibreSSL

MIT KRB5 does not support LibreSSL and requires a function only
found in OpenSSL. Therefore mark libressl and libressl-devel IGNORE.

pkinit_crypto_openssl.c:334:14: error: implicit declaration of function
'EVP_PKEY_param_check' is invalid in C99
[-Werror,-Wimplicit-function-declaration]
    result = EVP_PKEY_param_check(ctx);

EVP_PKEY_param_check(), an OpenSSL function, is not supported by LibreSSL.
1.20
27 May 2022 13:45:07
commit hash:d33c01d9cc1864a2be757fb99caa63223cfe5519commit hash:d33c01d9cc1864a2be757fb99caa63223cfe5519commit hash:d33c01d9cc1864a2be757fb99caa63223cfe5519commit hash:d33c01d9cc1864a2be757fb99caa63223cfe5519 files touched by this commit This port version is marked as vulnerable.
Cy Schubert (cy) search for other commits by this committer
security/krb5-120: Welcome new krb5 1.20

Welcome the new krb5-120 (1.20) from MIT.

krb5-118 is now deprecated and scheduled for removal a year from
now.

Number of commits found: 10