![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.netbsd.org] / pkgsrc / security / heimdal
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.34 / (download) - annotate - [select for diffs], Mon Feb 27 12:39:11 2012 UTC (2 months, 3 weeks ago) by asau
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base,
pkgsrc-2012Q1,
HEAD
Changes since 1.33: +5 -7
lines
Diff to previous 1.33 (colored)
Update to Heimdal 1.5.2 Release Notes - Heimdal - Version Heimdal 1.5.2 Security fixes - CVE-2011-4862 Buffer overflow in libtelnet/encrypt.c in telnetd - escalation of privilege - Check that key types strictly match - denial of service Release Notes - Heimdal - Version Heimdal 1.5.1 Bug fixes - Fix building on Solaris, requires c99 - Fix building on Windows - Build system updates Release Notes - Heimdal - Version Heimdal 1.5 New features - Support GSS name extensions/attributes - SHA512 support - No Kerberos 4 support - Basic support for MIT Admin protocol (SECGSS flavor) in kadmind (extract keytab) - Replace editline with libedit
Revision 1.33 / (download) - annotate - [select for diffs], Fri Dec 30 18:59:05 2011 UTC (4 months, 3 weeks ago) by tez
Branch: MAIN
CVS Tags: pkgsrc-2011Q4-base,
pkgsrc-2011Q4
Changes since 1.32: +1 -0
lines
Diff to previous 1.32 (colored)
Fix for CVE-2011-4862 from FreeBSD When an encryption key is supplied via the TELNET protocol, its length is not validated before the key is copied into a fixed-size buffer.
Revision 1.32 / (download) - annotate - [select for diffs], Thu Sep 15 13:01:14 2011 UTC (8 months, 1 week ago) by hans
Branch: MAIN
CVS Tags: pkgsrc-2011Q3-base,
pkgsrc-2011Q3
Changes since 1.31: +4 -2
lines
Diff to previous 1.31 (colored)
Split and clean up tommath patches. Requested by wiz.
Revision 1.31 / (download) - annotate - [select for diffs], Thu Sep 15 09:32:32 2011 UTC (8 months, 1 week ago) by wiz
Branch: MAIN
Changes since 1.30: +2 -2
lines
Diff to previous 1.30 (colored)
Remove CVS keywords from patch, so that distinfo has a chance of ever being right. XXX: this patch should be split up, it contains more than one file.
Revision 1.30 / (download) - annotate - [select for diffs], Wed Sep 14 17:33:00 2011 UTC (8 months, 1 week ago) by hans
Branch: MAIN
Changes since 1.29: +2 -1
lines
Diff to previous 1.29 (colored)
Fix build on SunOS.
Revision 1.29 / (download) - annotate - [select for diffs], Sun Jul 31 21:21:01 2011 UTC (9 months, 3 weeks ago) by gls
Branch: MAIN
Changes since 1.28: +2 -1
lines
Diff to previous 1.28 (colored)
Adds the symbols _kdc_db_fetch and _kdc_free_ent to global visibility, so that they can be referenced from kdc/digest-service. Fixes build on Dragonfly. From Alex Hornung in PR pkg/45195.
Revision 1.28 / (download) - annotate - [select for diffs], Sat Jul 16 11:18:32 2011 UTC (10 months, 1 week ago) by asau
Branch: MAIN
Changes since 1.27: +2 -2
lines
Diff to previous 1.27 (colored)
Regenerate checksum for patches.
Revision 1.27 / (download) - annotate - [select for diffs], Fri Jul 8 09:49:21 2011 UTC (10 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.26: +8 -13
lines
Diff to previous 1.26 (colored)
Changes 1.4: New features * Support for reading MIT database file directly * KCM is polished up and now used in production * NTLM first class citizen, credentials stored in KCM * Table driven ASN.1 compiler, smaller!, not enabled by default * Native Windows client support Notes * Disabled write support NDBM hdb backend (read still in there) since it can't handle large records, please migrate to a diffrent backend (like BDB4) Changes 1.3.3: Bug fixes * Check the GSS-API checksum exists before trying to use it [CVE-2010-1321] * Check NULL pointers before dereference them [kdc] Changes 1.3.2: Bug fixes * Don't mix length when clearing hmac (could memset too much) * More paranoid underrun checking when decrypting packets * Check the password change requests and refuse to answer empty packets * Build on OpenSolaris * Renumber AD-SIGNED-TICKET since it was stolen from US * Don't cache /dev/*random file descriptor, it doesn't get unloaded * Make C++ safe * Misc warnings
Revision 1.26 / (download) - annotate - [select for diffs], Tue Nov 30 07:12:49 2010 UTC (17 months, 3 weeks ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2011Q2-base,
pkgsrc-2011Q2,
pkgsrc-2011Q1-base,
pkgsrc-2011Q1,
pkgsrc-2010Q4-base,
pkgsrc-2010Q4
Changes since 1.25: +4 -1
lines
Diff to previous 1.25 (colored)
Fixes build with OPENSSL_NO_MD2.
Revision 1.25 / (download) - annotate - [select for diffs], Tue Nov 25 07:09:54 2008 UTC (3 years, 6 months ago) by hasso
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base,
pkgsrc-2010Q3,
pkgsrc-2010Q2-base,
pkgsrc-2010Q2,
pkgsrc-2010Q1-base,
pkgsrc-2010Q1,
pkgsrc-2009Q4-base,
pkgsrc-2009Q4,
pkgsrc-2009Q3-base,
pkgsrc-2009Q3,
pkgsrc-2009Q2-base,
pkgsrc-2009Q2,
pkgsrc-2009Q1-base,
pkgsrc-2009Q1,
pkgsrc-2008Q4-base,
pkgsrc-2008Q4
Changes since 1.24: +2 -2
lines
Diff to previous 1.24 (colored)
Correct patch-aa checksum, sorry for a mess.
Revision 1.24 / (download) - annotate - [select for diffs], Wed Nov 19 13:27:33 2008 UTC (3 years, 6 months ago) by hasso
Branch: MAIN
Changes since 1.23: +2 -1
lines
Diff to previous 1.23 (colored)
The patch from upstream to fix man/man5/qop.5 symlink. This has been sit in PR 38622 for some time.
Revision 1.23 / (download) - annotate - [select for diffs], Thu Feb 28 08:14:41 2008 UTC (4 years, 2 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2008Q3-base,
pkgsrc-2008Q3,
pkgsrc-2008Q2-base,
pkgsrc-2008Q2,
pkgsrc-2008Q1-base,
pkgsrc-2008Q1,
cwrapper,
cube-native-xorg-base,
cube-native-xorg
Changes since 1.22: +9 -13
lines
Diff to previous 1.22 (colored)
Update security/heimdal to version 1.1. Changes from version 0.7.2 include:
* Read-only PKCS11 provider built-in to hx509.
* Better compatibilty with Windows 2008 Server pre-releases and Vista.
* Add RFC3526 modp group14 as default.
* Handle [kdc] database = { } entries without realm = stanzas.
* Add gss_pseudo_random() for mechglue and krb5.
* Make session key for the krbtgt be selected by the best encryption
type of the client.
* Better interoperability with other PK-INIT implementations.
* Alias support for inital ticket requests.
* Make ASN.1 library less paranoid to with regard to NUL in string to
make it inter-operate with MIT Kerberos again.
* PK-INIT support.
* HDB extensions support, used by PK-INIT.
* New ASN.1 compiler.
* GSS-API mechglue from FreeBSD.
* Updated SPNEGO to support RFC4178.
* Support for Cryptosystem Negotiation Extension (RFC 4537).
* A new X.509 library (hx509) and related crypto functions.
* A new ntlm library (heimntlm) and related crypto functions.
* KDC will return the "response too big" error to force TCP retries
for large (default 1400 bytes) UDP replies. This is common for
PK-INIT requests.
* Libkafs defaults to use 2b tokens.
* krb5_kuserok() also checks ~/.k5login.d directory for acl files.
* Fix memory leaks.
* Bugs fixes
Revision 1.22 / (download) - annotate - [select for diffs], Tue Feb 20 10:17:14 2007 UTC (5 years, 3 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2007Q4-base,
pkgsrc-2007Q4,
pkgsrc-2007Q3-base,
pkgsrc-2007Q3,
pkgsrc-2007Q2-base,
pkgsrc-2007Q2,
pkgsrc-2007Q1-base,
pkgsrc-2007Q1
Changes since 1.21: +3 -2
lines
Diff to previous 1.21 (colored)
Fixed the build on IRIX 6.5.
Revision 1.19.4.1 / (download) - annotate - [select for diffs], Thu Aug 10 07:14:03 2006 UTC (5 years, 9 months ago) by ghen
Branch: pkgsrc-2006Q2
Changes since 1.19: +7 -1
lines
Diff to previous 1.19 (colored) next main 1.20 (colored)
Pullup ticket 1784 - requested by salo
security fix for heimdal
Revisions pulled up:
- pkgsrc/security/heimdal/Makefile 1.60-1.62
- pkgsrc/security/heimdal/distinfo 1.20-1.21
- pkgsrc/security/heimdal/PLIST 1.11
- pkgsrc/security/heimdal/PLIST.Linux removed
- pkgsrc/security/heimdal/patches/patch-al 1.1
- pkgsrc/security/heimdal/patches/patch-am 1.1
- pkgsrc/security/heimdal/patches/patch-an 1.1
- pkgsrc/security/heimdal/patches/patch-ao 1.1
- pkgsrc/security/heimdal/patches/patch-ap 1.1
- pkgsrc/security/heimdal/patches/patch-aq 1.1
Module Name: pkgsrc
Committed By: markd
Date: Sun Jul 2 13:53:28 UTC 2006
Modified Files:
pkgsrc/security/heimdal: Makefile
Added Files:
pkgsrc/security/heimdal: PLIST.SunOS
Log Message:
Solaris does not have err.h, glob.h, ifaddrs.h and vis.h compatible with
heimdal, so heimdal installs its own. Add them in PLIST.SunOS
Fixes PR pkg/33656. Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: jlam
Date: Wed Jul 5 04:39:15 UTC 2006
Modified Files:
pkgsrc/security/heimdal: Makefile PLIST distinfo
Added Files:
pkgsrc/security/heimdal/patches: patch-al
Removed Files:
pkgsrc/security/heimdal: PLIST.Linux PLIST.SunOS
Log Message:
Back out previous and do the same thing more generally for all platforms.
Since the heimdal install process will install additional headers in
${PREFIX}/include/krb5 depending on what the configure process detects,
simply query the source Makefile at install-time for the extra headers
that it will install and dynamically add them to the PLIST.
---
Module Name: pkgsrc
Committed By: salo
Date: Wed Aug 9 17:58:09 UTC 2006
Modified Files:
pkgsrc/security/heimdal: Makefile distinfo
Added Files:
pkgsrc/security/heimdal/patches: patch-am patch-an patch-ao patch-ap
patch-aq
Log Message:
Security fix for SA21436:
"A security issue has been reported in Heimdal, which potentially can be
exploited by malicious, local users to perform certain actions with
escalated privileges.
The security issue is caused due to missing checks for whether the
"setuid()" call has succeeded in the bundled rcp application. This may
be exploited to perform certain actions with root privileges if the
"setuid()" call fails due to e.g. resource limits."
http://secunia.com/advisories/21436/
http://www.pdc.kth.se/heimdal/advisory/2006-08-08/
Bump PKGREVISION.
Revision 1.21 / (download) - annotate - [select for diffs], Wed Aug 9 17:58:09 2006 UTC (5 years, 9 months ago) by salo
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base,
pkgsrc-2006Q4,
pkgsrc-2006Q3-base,
pkgsrc-2006Q3
Changes since 1.20: +6 -1
lines
Diff to previous 1.20 (colored)
Security fix for SA21436: "A security issue has been reported in Heimdal, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to missing checks for whether the "setuid()" call has succeeded in the bundled rcp application. This may be exploited to perform certain actions with root privileges if the "setuid()" call fails due to e.g. resource limits." http://secunia.com/advisories/21436/ http://www.pdc.kth.se/heimdal/advisory/2006-08-08/ Bump PKGREVISION.
Revision 1.20 / (download) - annotate - [select for diffs], Wed Jul 5 04:39:14 2006 UTC (5 years, 10 months ago) by jlam
Branch: MAIN
Changes since 1.19: +2 -1
lines
Diff to previous 1.19 (colored)
Back out previous and do the same thing more generally for all platforms.
Since the heimdal install process will install additional headers in
${PREFIX}/include/krb5 depending on what the configure process detects,
simply query the source Makefile at install-time for the extra headers
that it will install and dynamically add them to the PLIST.
Revision 1.18.2.1 / (download) - annotate - [select for diffs], Wed Feb 8 15:59:35 2006 UTC (6 years, 3 months ago) by salo
Branch: pkgsrc-2005Q4
Changes since 1.18: +4 -12
lines
Diff to previous 1.18 (colored) next main 1.19 (colored)
Pullup ticket 1106 - requested by Love Hornquist Astrand
security update for heimdal
Revisions pulled up:
- pkgsrc/security/heimdal/Makefile 1.54
- pkgsrc/security/heimdal/distinfo 1.19
- pkgsrc/security/heimdal/patches/patch-ab removed
- pkgsrc/security/heimdal/patches/patch-ak removed
- pkgsrc/security/heimdal/patches/patch-ae removed
- pkgsrc/security/heimdal/patches/patch-af removed
- pkgsrc/security/heimdal/patches/patch-ag removed
- pkgsrc/security/heimdal/patches/patch-ah removed
- pkgsrc/security/heimdal/patches/patch-ai removed
- pkgsrc/security/heimdal/patches/patch-aj removed
Module Name: pkgsrc
Committed By: lha
Date: Tue Feb 7 12:20:52 UTC 2006
Modified Files:
pkgsrc/security/heimdal: Makefile distinfo
Removed Files:
pkgsrc/security/heimdal/patches: patch-ab patch-ae patch-af
patch-ag patch-ah patch-ai patch-aj patch-ak
Log Message:
http://www.pdc.kth.se/heimdal/releases/0.7.2/
http://www.pdc.kth.se/heimdal/advisory/2006-02-06/
Changes in Heimdal 0.7.2
* Fix security problem in rshd that enable an attacker to overwrite
and change ownership of any file that root could write.
* Fix a DOS in telnetd. The attacker could force the server to crash
in a NULL de-reference before the user logged in, resulting in inetd
turning telnetd off because it forked too fast.
* Make gss_acquire_cred(GSS_C_ACCEPT) check that the requested name
exists in the keytab before returning success. This allows servers
to check if its even possible to use GSSAPI.
* Fix receiving end of token delegation for GSS-API. It still wrongly
uses subkey for sending for compatibility reasons, this will change
in 0.8.
* telnetd, login and rshd are now more verbose in logging failed and
successful logins.
* Bug fixes
Revision 1.19 / (download) - annotate - [select for diffs], Tue Feb 7 12:20:52 2006 UTC (6 years, 3 months ago) by lha
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base,
pkgsrc-2006Q1-base,
pkgsrc-2006Q1
Branch point for: pkgsrc-2006Q2
Changes since 1.18: +4 -12
lines
Diff to previous 1.18 (colored)
http://www.pdc.kth.se/heimdal/releases/0.7.2/ http://www.pdc.kth.se/heimdal/advisory/2006-02-06/ Changes in Heimdal 0.7.2 * Fix security problem in rshd that enable an attacker to overwrite and change ownership of any file that root could write. * Fix a DOS in telnetd. The attacker could force the server to crash in a NULL de-reference before the user logged in, resulting in inetd turning telnetd off because it forked too fast. * Make gss_acquire_cred(GSS_C_ACCEPT) check that the requested name exists in the keytab before returning success. This allows servers to check if its even possible to use GSSAPI. * Fix receiving end of token delegation for GSS-API. It still wrongly uses subkey for sending for compatibility reasons, this will change in 0.8. * telnetd, login and rshd are now more verbose in logging failed and successful logins. * Bug fixes
Revision 1.18 / (download) - annotate - [select for diffs], Sat Oct 29 21:05:28 2005 UTC (6 years, 6 months ago) by tonio
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base
Branch point for: pkgsrc-2005Q4
Changes since 1.17: +2 -2
lines
Diff to previous 1.17 (colored)
Fix for darwin, reusing Dragonfly fix by joerg
Revision 1.17 / (download) - annotate - [select for diffs], Sat Oct 29 18:12:10 2005 UTC (6 years, 6 months ago) by joerg
Branch: MAIN
Changes since 1.16: +2 -1
lines
Diff to previous 1.16 (colored)
Fix Heimdal's LOCAL_PEERCRED on DragonFly by including the necessary headers. XXX Ask upstream, why this isn't a #if / #elif list Reported-by: walt <wa1ter AT myrealbox DOT com> on tech-pkg
Revision 1.16 / (download) - annotate - [select for diffs], Wed Oct 26 16:44:24 2005 UTC (6 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.15: +5 -1
lines
Diff to previous 1.15 (colored)
Pull in change from Heimdal CVS committed on 20051012 where the field in a publicly-exported structure was renamed from "private" to "opt_private". This allows <krb5.h> to be used by C++ compilers. Bump the PKGREVISION to 1.
Revision 1.15 / (download) - annotate - [select for diffs], Wed Oct 26 15:12:45 2005 UTC (6 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.14: +9 -8
lines
Diff to previous 1.14 (colored)
Update security/heimdal to 0.7.1 (approved by lha). We drop support for the "db4" option and just rely on the appropriate BDB_* settings via bdb.buildlink3.mk. Also, we tweak the builtin.mk file so use krb5-config, if it's available, to check the version of the built-in heimdal. Patches patch-ab, patch-ae and patch-af have been sent back upstream and will be incorporated into future Heimdal releases. Changes between version 0.6.5 and version 0.7.1 include: * Support for KCM, a process based credential cache * Support CCAPI credential cache * SPNEGO support * AES (and the gssapi conterpart, CFX) support * Adding new and improve old documentation * Bug fixes
Revision 1.14 / (download) - annotate - [select for diffs], Tue Aug 23 14:07:25 2005 UTC (6 years, 9 months ago) by reed
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base,
pkgsrc-2005Q3
Changes since 1.13: +2 -2
lines
Diff to previous 1.13 (colored)
Include sys/types.h. This fixes configure on DragonFly. Bump PKGREVISION. Okayed by lha@. I tested on Linux and DragonFly. I got this from Joerg Sonnenberger. On DragonFly, the configure errored like: /usr/include/openssl/md5.h:110: error: syntax error before "size_t" In file included from conftest.c:34: /usr/include/openssl/sha.h:109: error: syntax error before "size_t" This caused tests to break and it ended up building and installing libdes and des.h, md4.h, and related headers. So later libgssapi needed this libdes which was not buildlinked which broke kdelibs3 build.
Revision 1.13 / (download) - annotate - [select for diffs], Thu Aug 4 16:50:18 2005 UTC (6 years, 9 months ago) by tonio
Branch: MAIN
Changes since 1.12: +2 -1
lines
Diff to previous 1.12 (colored)
Add patch-aa to make heimdal compile with gcc-4 (default with darwin 8) This patch is the same as revision 1.3 of /cvsroot/src/crypto/dist/heimdal/lib/asn1/gen_glue.c by matt@ those cvs log: Don't emit struct units [] anymore. emit a struct units * const foo and in the C file initialize that to the static list. Bump pkgrevision: it changes the binary package on gcc<4 platforms approved by wiz@
Revision 1.12 / (download) - annotate - [select for diffs], Mon Jun 20 09:51:02 2005 UTC (6 years, 11 months ago) by lha
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base,
pkgsrc-2005Q2
Changes since 1.11: +4 -4
lines
Diff to previous 1.11 (colored)
Update to Heimdal 0.6.5 Changes in release 0.6.5 * fix vulnerabilities in telnetd * unbreak Kerberos 4 and kaserver
Revision 1.10.2.1 / (download) - annotate - [select for diffs], Thu Apr 21 15:55:34 2005 UTC (7 years, 1 month ago) by salo
Branch: pkgsrc-2005Q1
Changes since 1.10: +4 -5
lines
Diff to previous 1.10 (colored) next main 1.11 (colored)
Pullup ticket 458 - requested by Love Hornquist-Astrand
security fix for heimdal
Revisions pulled up:
- pkgsrc/security/heimdal/Makefile 1.34-1.35
- pkgsrc/security/heimdal/PLIST 1.7
- pkgsrc/security/heimdal/distinfo 1.11
- pkgsrc/security/heimdal/patches/patch-ae removed
Module Name: pkgsrc
Committed By: wiz
Date: Thu Apr 21 14:00:36 UTC 2005
Modified Files:
pkgsrc/security/heimdal: Makefile
Log Message:
lha agreed to maintain this package.
---
Module Name: pkgsrc
Committed By: lha
Date: Thu Apr 21 14:35:47 UTC 2005
Modified Files:
pkgsrc/security/heimdal: Makefile PLIST distinfo
Removed Files:
pkgsrc/security/heimdal/patches: patch-ae
Log Message:
Update to Heimdal 0.6.4. While I'm here, claim maintainership of this
package. Also please pkglint. Changes in heimdal 0.6.4 include:
* fix vulnerabilities in telnet
* rshd: encryption without a separate error socket should now work
* telnet now uses appdefaults for the encrypt and forward/forwardable
settings
* bug fixes
Revision 1.11 / (download) - annotate - [select for diffs], Thu Apr 21 14:35:47 2005 UTC (7 years, 1 month ago) by lha
Branch: MAIN
Changes since 1.10: +4 -5
lines
Diff to previous 1.10 (colored)
Update to Heimdal 0.6.4. While I'm here, claim maintainership of this package. Also please pkglint. Changes in heimdal 0.6.4 include: * fix vulnerabilities in telnet * rshd: encryption without a separate error socket should now work * telnet now uses appdefaults for the encrypt and forward/forwardable settings * bug fixes
Revision 1.10 / (download) - annotate - [select for diffs], Thu Feb 24 13:10:06 2005 UTC (7 years, 3 months ago) by agc
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base
Branch point for: pkgsrc-2005Q1
Changes since 1.9: +2 -1
lines
Diff to previous 1.9 (colored)
Add RMD160 digests.
Revision 1.9 / (download) - annotate - [select for diffs], Tue Dec 14 19:24:29 2004 UTC (7 years, 5 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base,
pkgsrc-2004Q4
Changes since 1.8: +2 -3
lines
Diff to previous 1.8 (colored)
Change the way that openssl/builtin.mk handles the USE_OLD_DES_API flag.
The idea is to prevent needing to patch source files for packages that
use OpenSSL for DES support by ensuring that including <openssl/des.h>
will always present the old DES API.
(1) If des_old.h exists, then we're using OpenSSL>=0.9.7, and
<openssl/des.h> already does the right thing.
(2) If des_old.h doesn't exist, then one of two things is happening:
(a) If <openssl/des.h> is old and (only) supports the old DES API,
then <openssl/des.h> does the right thing.
(b) If it's NetBSD's Special(TM) one that stripped out the old DES
support into a separate library and header (-ldes, <des.h>),
then we create a new header <openssl/des.h> that includes the
system one and <des.h>.
Also modify existing packages that set USE_OLD_DES_API to simply include
<openssl/des.h> instead of either <des.h> or <openssl/des_old.h> (This
step is mostly just removing unnecessary patches).
This should fix building packages that use OpenSSL's old DES API support
on non-NetBSD systems where the built-in OpenSSL is at least 0.9.7.
Revision 1.8 / (download) - annotate - [select for diffs], Sat Dec 4 03:59:26 2004 UTC (7 years, 5 months ago) by jlam
Branch: MAIN
Changes since 1.7: +3 -2
lines
Diff to previous 1.7 (colored)
Set USE_OLD_DES_API and replace custom changes to work with NetBSD-2.0's OpenSSL, with patches to use <openssl/des_old.h>.
Revision 1.7 / (download) - annotate - [select for diffs], Fri Nov 19 23:16:02 2004 UTC (7 years, 6 months ago) by jlam
Branch: MAIN
Changes since 1.6: +2 -2
lines
Diff to previous 1.6 (colored)
Correctly detect the old DES API in the OpenSSL in NetBSD's base install. This prevents Heimdal from building and installing its own DES library and headers. Bump the PKGREVISION.
Revision 1.6 / (download) - annotate - [select for diffs], Wed Oct 6 17:18:32 2004 UTC (7 years, 7 months ago) by gavan
Branch: MAIN
Changes since 1.5: +2 -1
lines
Diff to previous 1.5 (colored)
Undefine open in ndbm_wrap.c. This fixes a build problem on Solaris.
Revision 1.5 / (download) - annotate - [select for diffs], Tue Sep 14 14:41:34 2004 UTC (7 years, 8 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base,
pkgsrc-2004Q3
Changes since 1.4: +4 -4
lines
Diff to previous 1.4 (colored)
Update security/heimdal to 0.6.3. Changes from version 0.6.1 include: * fix vulnerabilities in ftpd * support for linux AFS /proc "syscalls" * support for RFC3244 (Windows 2000 Kerberos Change/Set Password) in kpasswdd * fix possible KDC denial of service * Fix possible buffer overrun in v4 kadmin (which now defaults to off)
Revision 1.4 / (download) - annotate - [select for diffs], Thu Apr 1 18:42:25 2004 UTC (8 years, 1 month ago) by joda
Branch: MAIN
CVS Tags: pkgsrc-2004Q2-base,
pkgsrc-2004Q2
Changes since 1.3: +3 -7
lines
Diff to previous 1.3 (colored)
Update to 0.6.1: * Fixed cross realm vulnerability * Fixed ARCFOUR suppport * kdc: fix denial of service attack * kdc: stop clients from renewing tickets into the future * bug fixes
Revision 1.3 / (download) - annotate - [select for diffs], Sun Feb 22 11:59:50 2004 UTC (8 years, 3 months ago) by markd
Branch: MAIN
CVS Tags: pkgsrc-2004Q1-base,
pkgsrc-2004Q1
Changes since 1.2: +3 -1
lines
Diff to previous 1.2 (colored)
configure looks for and finds -ltermcap too late in the process for it to be linked in when testing -lreadline usability so that test fails on Solaris - so pass that lib into configure at the start via the environment. Also allow optional use of db4 rather that db.
Revision 1.2 / (download) - annotate - [select for diffs], Tue Jan 13 02:05:29 2004 UTC (8 years, 4 months ago) by markd
Branch: MAIN
Changes since 1.1: +2 -1
lines
Diff to previous 1.1 (colored)
Fix build with gcc3.
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sat Jan 10 14:56:45 2004 UTC (8 years, 4 months ago) by jlam
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (colored)
Initial import of heimdal-0.6 into security/heimdal. Heimdal is a free implementation of Kerberos 5. Kerberos is a system for authenticating users and services on a network. It is built upon the assumption that the network is "unsafe". Kerberos is a trusted third-party service. That means that there is a third party (the Kerberos server) that is trusted by all the entities on the network (users and services, usually called "principals"). All principals share a secret password (or key) with the Kerberos server and this enables principals to verify that the messages from the Kerberos server are authentic. Thus trusting the Kerberos server, users and services can authenticate each other.
Revision 1.1 / (download) - annotate - [select for diffs], Sat Jan 10 14:56:45 2004 UTC (8 years, 4 months ago) by jlam
Branch: MAIN
Initial revision