| non port: security/krb5/distinfo |
|
SVNWeb
|
Number of commits found: 57 |
|
Sat, 21 Nov 2015
|
[ 08:47 cy  ]  
Introduce the new krb5 1.14:
- move (copy) krb5 (krb5 1.13.2) to krb5-113 (new, added)
- update krb5 1.13.2 --> 1.14
- update CONFLICTS in krb5, krb5-112 and krb5-113.
- update krb5-appl to allow optional dependency on krb5-113.
- update security/Makefile with copied krb5-113.
- deprecate and expire krb5-112 (krb5-1.12) on November 20, 2016, as it
will EOL twelve months after the release of krb5-1.14.
|
|
Sat, 9 May 2015
|
[ 13:12 cy ]
Update 1.13.1 --> 1.13.2
|
|
Fri, 13 Feb 2015
|
[ 01:27 cy ]
Update 1.13 --> 1.13.1, incorporates MITKRB5-SA-2015-001 (committed in
r378417).
|
|
Wed, 4 Feb 2015
|
[ 20:47 cy ]
Address: krb5 -- Vulnerabilities in kadmind, libgssrpc,
gss_process_context_token VU#540092
CVE-2014-5352: gss_process_context_token() incorrectly frees context
CVE-2014-9421: kadmind doubly frees partial deserialization results
CVE-2014-9422: kadmind incorrectly validates server principal name
CVE-2014-9423: libgssrpc server applications leak uninitialized bytes
Security: VUXML: 24ce5597-acab-11e4-a847-206a8a720317
Security: MIT KRB5: VU#540092
Security: CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
|
|
Thu, 16 Oct 2014
|
[ 19:44 cy ] (Only the first 10 of 12 ports in this commit are shown above.  )
MIT Kerberos released 1.13; 1.12 becomes a maintenance release,
1.11 remains a maintenance release.
- Update security/krb5 1.12.2 --> 1.13
- Copy the old security/krb5 1.12.2 to security/krb5-112
(now a maintenance release supported by MIT)
- Move the old krb5-maint (1.11.5: old maintenance release) to
security/krb5-111 (the old maintenance release still supported by MIT)
|
|
Wed, 13 Aug 2014
|
[ 18:32 cy ]
Update 1.12.1 --> 1.12.2.
Add readline non-default option.
|
|
Thu, 16 Jan 2014
|
[ 13:49 cy ]
Update 1.12 --> 1.12.1
|
|
Thu, 12 Dec 2013
|
[ 05:19 cy ]
Update krb5 to 1.12. Security/krb5 tracks MIT KRB5 current release.
Adjust the newly created krb5-maint with a new portname and conflicts.
Krb5-maint is a maintenance release for those who wish to use the previous
release of krb5. krb5-maint remains at 1.11.3.
Adjust CONFLICTS in security/heimdal and security/srp to account for the
newly repocopied krb5-maint.
Adjust security/Makefile to include krb5-maint.
|
|
Tue, 4 Jun 2013
|
[ 04:45 cy ]
Update krb5 1.11.2 --> 1.11.3.
This is a bugfix release.
* Fix a UDP ping-pong vulnerability in the kpasswd (password changing)
service. [CVE-2002-2443]
* Improve interoperability with some Windows native PKINIT clients.
Security: CVE-2002-2443
|
|
Wed, 17 Apr 2013
|
[ 00:41 cy ]
Update 1.11.1 --> 1.11.2
Major changes in 1.11.2 (2013-04-12)
====================================
This is a bugfix release.
* Incremental propagation could erroneously act as if a slave's
database were current after the slave received a full dump that
failed to load.
* gss_import_sec_context incorrectly set internal state that
identifies whether an imported context is from an interposer
mechanism or from the underlying mechanism.
Feature safe: yes
|
|
Fri, 22 Feb 2013
|
[ 20:03 cy ]
Update 1.11 --> 1.11.1.
Security: Fix a null pointer dereference in the KDC PKINIT code [CVE-2013-1415].
|
|
Tue, 22 Jan 2013
|
[ 04:03 cy ]
Update 1.10.3 --> 1.11
|
|
Sat, 3 Nov 2012
|
[ 18:59 cy ]
Update krb5 1.9.2 --> 1.10.3
Feature safe: yes
|
|
Wed, 14 Dec 2011
|
[ 04:31 cy ]
Apply patch for MITKRB5-SA-2011-007, KDC null pointer dereference in TGS
handling.
PR: 163272
Submitted by: zi
Security: 6c7d9a35-2608-11e1-89b4-001ec9578670
Feature safe: yes
|
|
Wed, 16 Nov 2011
|
[ 20:38 cy ]
Update 1.9.1 --> 1.9.2. This is a bugfix release.
Feature safe: yes
|
|
Thu, 30 Jun 2011
|
[ 04:03 cy ]
Update 1.9 --> 1.9.1.
PR: 158520
Submitted by: Ryan Steinmetz <rpsfa@rit.edu>
|
|
Thu, 14 Apr 2011
|
[ 00:39 cy ]
Apply patch for MITKRB5-SA-2011-004, kadmind invalid pointer free()
[CVE-2011-0285]
Security: MITKRB5-SA-2011-004, CVE-2011-0285
Feature safe: yes
|
|
Fri, 25 Mar 2011
|
[ 00:19 cy ]
Apply patch for MITKRB5-SA-2011-003, KDC vulnerable to double-free when
PKINIT enabled.
Obtained from: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-003.txt
Security: MITKRB5-SA-2011-003, CVE-2011-0284
Feature safe: yes
|
|
Fri, 11 Feb 2011
|
[ 01:04 cy ]
Apply fixes for kpropd denial of service (MITKRB5-SA-2011-001) and KDC
denial of service (MITKRB5-SA-2011-002).
Security: MITKRB5-SA-2011-001 (CVE-2010-4022),
MITKRB5-SA-2011-002 (CVE-2011-0281)
|
|
Thu, 23 Dec 2010
|
[ 01:04 cy ]
Update from 1.8.3_2 to 1.9.
|
|
Thu, 2 Dec 2010
|
[ 02:09 cy ]
Fix security vulnerabilities CVE-2010-1324, CVE-2010-1323, CVE-2010-4020,
CVE-2010-4021, and CVE-2010-1322.
PR: 152755
Submitted by: wollman
Security: CVE-2010-1324, CVE-2010-1323, CVE-2010-4020, CVE-2010-4021,
and CVE-2010-1322.
Feature safe: Yes
|
|
Thu, 5 Aug 2010
|
[ 22:37 cy ]
Update to 1.8.3.
PR: 149299
Submitted by: gwollman
|
|
Tue, 25 May 2010
|
[ 05:14 cy ]
Apply patch for MIT KRB5 security vulnerability MITKRB5-SA-2010-005.
PR: 146939
Submitted by: wollman
Security: MIT krb5 Security Advisory 2010-005
|
|
Mon, 26 Apr 2010
|
[ 03:48 cy ] (Only the first 10 of 16 ports in this commit are shown above. )
Welcome the new krb5-1.8.1. Significant changes include the removal of
the MIT KRB5 applications (now in a separate tarball and port).
|
[ 03:23 cy ] (Only the first 10 of 12 ports in this commit are shown above. )
MFkrb5-17.
|
|
Wed, 19 Mar 2008
|
[ 19:26 cy ]
Fixes for multiple vulnerabilities.
Security: US-CERT Technical Cyber Security Alert TA08-079B --
MIT Kerberos Updates for Multiple Vulnerabilities
US-CERT Vulnerability Note VU#895609,
US-CERT Vulnerability Note VU#374121
MIT krb5 Security Advisory 2008-001
MIT krb5 Security Advisory 2008-002
|
|
Tue, 23 Oct 2007
|
[ 03:41 cy ]
Update 1.6.2 --> 1.6.3
Security: fix CVE-2007-3999, CVE-2007-4743 svc_auth_gss.c buffer overflow
fix CVE-2007-4000 modify_policy vulnerability
Also: add PKINIT support
|
|
Tue, 11 Sep 2007
|
[ 23:52 cy ]
Patch for MIT krb5 Security Advisory 2007-006 - kadmind RPC lib buffer
overflow, uninitialized pointer
Security: MIT krb5 Security Advisory 2007-006
|
|
Wed, 11 Jul 2007
|
[ 16:51 cy ]
Update 1.6.1 --> 1.6.2
|
|
Tue, 26 Jun 2007
|
[ 23:01 cy ]
Patches for:
MITKRB5-SA-2007-004: kadmind affected by multiple RPC library vulnerabilities
MITKRB5-SA-2007-005: kadmind vulnerable to buffer overflow
Security: US CERT Technical Cyber Security Alert TA07-177A --
MIT Kerberos Vulnerabilities
|
|
Mon, 23 Apr 2007
|
[ 22:10 cy ] (Only the first 10 of 16 ports in this commit are shown above. )
Update from 1.6 to 1.6.1.
|
|
Wed, 10 Jan 2007
|
[ 05:06 cy ]
Update 1.5.1 --> 1.6
Security: MITKRB5-SA-2006-002, MITKRB5-SA-2006-003, and
US-CERT Technical Cyber Security Alert TA07-009B
|
|
Sun, 17 Sep 2006
|
[ 00:48 cy ] (Only the first 10 of 15 ports in this commit are shown above. )
Update krb5-1.5 --> krb5-1.5.1
Submitted by: Paul Vixie <paul@vix.com>
|
|
Fri, 14 Jul 2006
|
[ 18:37 cy ]
Update 1.4.3 --> 1.5
|
|
Tue, 24 Jan 2006
|
[ 01:03 edwin ] (Only the first 10 of 260 ports in this commit are shown above. )
SHA256ify
Approved by: krion@
|
|
Fri, 18 Nov 2005
|
[ 00:38 cy ]
Update 1.4.2 --> 1.4.3
|
|
Tue, 4 Oct 2005
|
[ 22:09 cy ]
Update 1.4.1 --> 1.4.2
|
|
Sat, 23 Apr 2005
|
[ 01:49 cy ]
Update 1.4 --> 1.4.1.
Package list fixup when KRB5_KRB4_COMPAT is not specified.
|
|
Wed, 13 Apr 2005
|
[ 03:05 cy ]
Update 1.3.6 --> 1.4
|
|
Tue, 21 Dec 2004
|
[ 01:38 cy ]
Update 1.3.5 --> 1.3.6
|
[ 00:24 cy ]
Crypto-publish.org no longer maintains a current release of MIT-KRB5.
Remove code to alternatively fetch from that site.
|
|
Wed, 20 Oct 2004
|
[ 20:20 cy ]
Update 1.3.4 --> 1.3.5
|
|
Fri, 11 Jun 2004
|
[ 23:08 cy ]
Update KRB5 1.3.3 --> 1.3.4
|
|
Wed, 7 Apr 2004
|
[ 00:28 cy ]
Update 1.3.2 --> 1.3.3
|
|
Sat, 28 Feb 2004
|
[ 21:25 cy ]
- Update MIT KRB5 1.3.1 --> 1.3.2. (As crypto-publish.org does not have
1.3.2 yet, when USE_KRB5_TARBALL=CRYPTO-PUBLISH is specified, 1.3.1
will be installed.)
- Add SIZE to distinfo
|
|
Fri, 8 Aug 2003
|
[ 23:35 cy ]
Update 1.3 --> 1.3.1
|
[ 01:20 cy ] (Only the first 10 of 42 ports in this commit are shown above. )
Update 1.2.8 --> 1.3
|
|
Wed, 7 May 2003
|
[ 03:47 cy ] (Only the first 10 of 17 ports in this commit are shown above. )
Update 1.2.7 --> 1.2.8.
|
|
Sat, 16 Nov 2002
|
[ 00:02 cy ]
Update 1.2.6 --> 1.2.7
Note: Since crypto-publish.org does not yet have krb5-1.2.7 up on their
website, fetch from their site has been temporarily disabled.
|
|
Wed, 25 Sep 2002
|
[ 17:50 cy ]
Crypto-publish.org has finally put krb5-1.2.6 up on their site. The
patch reimplements code to fetch MIT Kerberos from their site when
USA_RESIDENT=NO.
Approved by: kris
|
|
Fri, 13 Sep 2002
|
[ 13:46 cy ]
Update 1.2.5 --> 1.2.6
Note: Since crypto-publish.org does not yet have krb5-1.2.6 up on their
website, fetch from their site has been temporarily disabled.
|
|
Fri, 3 May 2002
|
[ 02:20 cy ]
Now that www.crypto-publish.org has put the latest version of MIT KRB5
up on their website again, reimplementation of the Makefile patch that
fetched the the tarball from their site for users outside of the US
(originally in Makefile rev 1.29). USA_RESIDENT=YES still supports
manual fetching from web.mit.edu.
|
|
Thu, 2 May 2002
|
[ 14:30 cy ]
Upgrade 1.2.4 --> 1.2.5
|
|
Mon, 18 Mar 2002
|
[ 22:52 cy ]
MIT currently distributes their KRB5 distribution in a tarball (.tar)
that contains the distribution itself, in a tar.gz file, and a signature
certificate, contained in a detached .tar.gz.asc file. Prior to this
patch, users installing MIT KRB5 had to extract the tarball into
/usr/ports/distfiles, then proceed with the installation. This caused
confusion among those installing the port. This patch addresses the
problem by extracting the .tar.gz file from the tarball, then unpacking
the .tar.gz file before continuing with the build.
|
|
Fri, 1 Mar 2002
|
[ 13:23 cy ]
Update 1.2.3 --> 1.2.4
|
|
Wed, 16 Jan 2002
|
[ 03:17 cy ] (Only the first 10 of 13 ports in this commit are shown above. )
Update 1.2.2 -> 1.2.3
|
|
Fri, 2 Mar 2001
|
[ 17:33 nectar ]
Update 1.2.1 -> 1.2.2
|
Number of commits found: 57 |
As an Amazon Associate I earn from qualifying purchases.