From 703aff2fddb0a959e70518ebb57a7aa5e249000417d03779bf2e8e1eef2d5770 Mon Sep 17 00:00:00 2001
From: Michael Calmer <mc@suse.com>
Date: Sun, 28 Apr 2013 15:20:13 +0000
Subject: [PATCH] - update to version 1.11.2   * Incremental propagation could
 erroneously act as if a slave's     database were current after the slave
 received a full dump     that failed to load.   * gss_import_sec_context
 incorrectly set internal state that     identifies whether an imported
 context is from an interposer     mechanism or from the underlying mechanism.
 - upstream fix obsolete krb5-lookup_etypes-leak.patch

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=97
---
 krb5-1.11.1.tar.bz2           |  3 ---
 krb5-1.11.2.tar.bz2           |  3 +++
 krb5-lookup_etypes-leak.patch | 42 -----------------------------------
 krb5-mini.changes             | 12 ++++++++++
 krb5-mini.spec                |  6 ++---
 krb5.changes                  | 12 ++++++++++
 krb5.spec                     |  6 ++---
 7 files changed, 31 insertions(+), 53 deletions(-)
 delete mode 100644 krb5-1.11.1.tar.bz2
 create mode 100644 krb5-1.11.2.tar.bz2
 delete mode 100644 krb5-lookup_etypes-leak.patch

diff --git a/krb5-1.11.1.tar.bz2 b/krb5-1.11.1.tar.bz2
deleted file mode 100644
index 0d923b8..0000000
--- a/krb5-1.11.1.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7994928de3fbaeaef4862798ad1608c8bd886b91cc15de7b49d6c3c3cadc1d0d
-size 9433869
diff --git a/krb5-1.11.2.tar.bz2 b/krb5-1.11.2.tar.bz2
new file mode 100644
index 0000000..52fa5e8
--- /dev/null
+++ b/krb5-1.11.2.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:562e6cbbdfa6025082dbb847e7cc992d51e189e34a26fb8b528a9ce42ccbe50f
+size 9438890
diff --git a/krb5-lookup_etypes-leak.patch b/krb5-lookup_etypes-leak.patch
deleted file mode 100644
index 0345e12..0000000
--- a/krb5-lookup_etypes-leak.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-Petr Spacek notes that when we walk the keytab in lookup_etypes_for_keytab(),
-we don't free entries when we're finished examining them.  Ensure that when
-krb5_kt_next_entry() succeeds, we make sure to free the entry storage before we
-exit the current loop iteration.  (RT#7586)
-
---- a/src/lib/krb5/krb/gic_keytab.c
-+++ b/src/lib/krb5/krb/gic_keytab.c
-@@ -110,9 +110,9 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab,
-             goto cleanup;
- 
-         if (!krb5_c_valid_enctype(entry.key.enctype))
--            continue;
-+            goto next_entry;
-         if (!krb5_principal_compare(context, entry.principal, client))
--            continue;
-+            goto next_entry;
-         /* Make sure our list is for the highest kvno found for client. */
-         if (entry.vno > max_kvno) {
-             free(etypes);
-@@ -120,11 +120,12 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab,
-             count = 0;
-             max_kvno = entry.vno;
-         } else if (entry.vno != max_kvno)
--            continue;
-+            goto next_entry;
- 
-         /* Leave room for the terminator and possibly a second entry. */
-         p = realloc(etypes, (count + 3) * sizeof(*etypes));
-         if (p == NULL) {
-+            krb5_free_keytab_entry_contents(context, &entry);
-             ret = ENOMEM;
-             goto cleanup;
-         }
-@@ -136,6 +137,8 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab,
-             entry.key.enctype == ENCTYPE_DES_CBC_MD4)
-             etypes[count++] = ENCTYPE_DES_CBC_CRC;
-         etypes[count] = 0;
-+next_entry:
-+        krb5_free_keytab_entry_contents(context, &entry);
-     }
- 
-     ret = 0;
diff --git a/krb5-mini.changes b/krb5-mini.changes
index a208a62..28548d2 100644
--- a/krb5-mini.changes
+++ b/krb5-mini.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Sun Apr 28 17:14:36 CEST 2013 - mc@suse.de
+
+- update to version 1.11.2
+  * Incremental propagation could erroneously act as if a slave's
+    database were current after the slave received a full dump
+    that failed to load.
+  * gss_import_sec_context incorrectly set internal state that
+    identifies whether an imported context is from an interposer
+    mechanism or from the underlying mechanism. 
+- upstream fix obsolete krb5-lookup_etypes-leak.patch
+
 -------------------------------------------------------------------
 Thu Apr  4 15:10:19 CEST 2013 - mc@suse.de
 
diff --git a/krb5-mini.spec b/krb5-mini.spec
index 9385677..0b72c1a 100644
--- a/krb5-mini.spec
+++ b/krb5-mini.spec
@@ -17,7 +17,7 @@
 
 
 %define build_mini 1
-%define srcRoot krb5-1.11.1
+%define srcRoot krb5-1.11.2
 %define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
 %define krb5docdir  %{_defaultdocdir}/krb5
 
@@ -31,7 +31,7 @@ BuildRequires:  keyutils-devel
 BuildRequires:  libcom_err-devel
 BuildRequires:  libselinux-devel
 BuildRequires:  ncurses-devel
-Version:        1.11.1
+Version:        1.11.2
 Release:        0
 Summary:        MIT Kerberos5 Implementation--Libraries
 License:        MIT
@@ -74,7 +74,6 @@ Patch11:        krb5-1.9-ksu-path.patch
 Patch12:        krb5-1.11-selinux-label.patch
 Patch13:        krb5-1.9-debuginfo.patch
 Patch14:        krb5-kvno-230379.patch
-Patch15:        krb5-lookup_etypes-leak.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         mktemp, grep, /bin/touch, coreutils
 PreReq:         %insserv_prereq %fillup_prereq 
@@ -185,7 +184,6 @@ Include Files for Development
 %patch12 -p1
 %patch13 -p0
 %patch14 -p1
-%patch15 -p1
 
 %build
 # needs to be re-generated
diff --git a/krb5.changes b/krb5.changes
index a208a62..28548d2 100644
--- a/krb5.changes
+++ b/krb5.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Sun Apr 28 17:14:36 CEST 2013 - mc@suse.de
+
+- update to version 1.11.2
+  * Incremental propagation could erroneously act as if a slave's
+    database were current after the slave received a full dump
+    that failed to load.
+  * gss_import_sec_context incorrectly set internal state that
+    identifies whether an imported context is from an interposer
+    mechanism or from the underlying mechanism. 
+- upstream fix obsolete krb5-lookup_etypes-leak.patch
+
 -------------------------------------------------------------------
 Thu Apr  4 15:10:19 CEST 2013 - mc@suse.de
 
diff --git a/krb5.spec b/krb5.spec
index 5769936..04b49d6 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -17,7 +17,7 @@
 
 
 %define build_mini 0
-%define srcRoot krb5-1.11.1
+%define srcRoot krb5-1.11.2
 %define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
 %define krb5docdir  %{_defaultdocdir}/krb5
 
@@ -31,7 +31,7 @@ BuildRequires:  keyutils-devel
 BuildRequires:  libcom_err-devel
 BuildRequires:  libselinux-devel
 BuildRequires:  ncurses-devel
-Version:        1.11.1
+Version:        1.11.2
 Release:        0
 Summary:        MIT Kerberos5 Implementation--Libraries
 License:        MIT
@@ -74,7 +74,6 @@ Patch11:        krb5-1.9-ksu-path.patch
 Patch12:        krb5-1.11-selinux-label.patch
 Patch13:        krb5-1.9-debuginfo.patch
 Patch14:        krb5-kvno-230379.patch
-Patch15:        krb5-lookup_etypes-leak.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         mktemp, grep, /bin/touch, coreutils
 PreReq:         %insserv_prereq %fillup_prereq 
@@ -185,7 +184,6 @@ Include Files for Development
 %patch12 -p1
 %patch13 -p0
 %patch14 -p1
-%patch15 -p1
 
 %build
 # needs to be re-generated