rpm/krb5
SHA256
1
0
Fork 0
forked from pool/krb5
Code Pull Requests Activity

- update to version 1.11.2

Browse Source 
* Incremental propagation could erroneously act as if a slave's
    database were current after the slave received a full dump
    that failed to load.
  * gss_import_sec_context incorrectly set internal state that
    identifies whether an imported context is from an interposer
    mechanism or from the underlying mechanism. 
- upstream fix obsolete krb5-lookup_etypes-leak.patch

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=97
This commit is contained in:
Michael Calmer 2013-04-28 15:20:13 +00:00 committed by Git OBS Bridge
parent fe67473a6d
commit 703aff2fdd
7 changed files with 31 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
krb5-1.11.1.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7994928de3fbaeaef4862798ad1608c8bd886b91cc15de7b49d6c3c3cadc1d0d
size 9433869

3
krb5-1.11.2.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:562e6cbbdfa6025082dbb847e7cc992d51e189e34a26fb8b528a9ce42ccbe50f
size 9438890

42
krb5-lookup_etypes-leak.patch
View File

@ -1,42 +0,0 @@
Petr Spacek notes that when we walk the keytab in lookup_etypes_for_keytab(),
we don't free entries when we're finished examining them. Ensure that when
krb5_kt_next_entry() succeeds, we make sure to free the entry storage before we
exit the current loop iteration. (RT#7586)
--- a/src/lib/krb5/krb/gic_keytab.c
+++ b/src/lib/krb5/krb/gic_keytab.c
@@ -110,9 +110,9 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab,
goto cleanup;
if (!krb5_c_valid_enctype(entry.key.enctype))
- continue;
+ goto next_entry;
if (!krb5_principal_compare(context, entry.principal, client))
- continue;
+ goto next_entry;
/* Make sure our list is for the highest kvno found for client. */
if (entry.vno > max_kvno) {
free(etypes);
@@ -120,11 +120,12 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab,
count = 0;
max_kvno = entry.vno;
} else if (entry.vno != max_kvno)
- continue;
+ goto next_entry;
/* Leave room for the terminator and possibly a second entry. */
p = realloc(etypes, (count + 3) * sizeof(*etypes));
if (p == NULL) {
+ krb5_free_keytab_entry_contents(context, &entry);
ret = ENOMEM;
goto cleanup;
}
@@ -136,6 +137,8 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab,
entry.key.enctype == ENCTYPE_DES_CBC_MD4)
etypes[count++] = ENCTYPE_DES_CBC_CRC;
etypes[count] = 0;
+next_entry:
+ krb5_free_keytab_entry_contents(context, &entry);
}
ret = 0;

12
krb5-mini.changes
View File

@ -1,3 +1,15 @@
-------------------------------------------------------------------
Sun Apr 28 17:14:36 CEST 2013 - mc@suse.de
- update to version 1.11.2
* Incremental propagation could erroneously act as if a slave's
database were current after the slave received a full dump
that failed to load.
* gss_import_sec_context incorrectly set internal state that
identifies whether an imported context is from an interposer
mechanism or from the underlying mechanism.
- upstream fix obsolete krb5-lookup_etypes-leak.patch
-------------------------------------------------------------------
Thu Apr 4 15:10:19 CEST 2013 - mc@suse.de

6
krb5-mini.spec
View File

@ -17,7 +17,7 @@
%define build_mini 1
%define srcRoot krb5-1.11.1
%define srcRoot krb5-1.11.2
%define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
%define krb5docdir %{_defaultdocdir}/krb5
@ -31,7 +31,7 @@ BuildRequires: keyutils-devel
BuildRequires: libcom_err-devel
BuildRequires: libselinux-devel
BuildRequires: ncurses-devel
Version: 1.11.1
Version: 1.11.2
Release: 0
Summary: MIT Kerberos5 Implementation--Libraries
License: MIT
@ -74,7 +74,6 @@ Patch11: krb5-1.9-ksu-path.patch
Patch12: krb5-1.11-selinux-label.patch
Patch13: krb5-1.9-debuginfo.patch
Patch14: krb5-kvno-230379.patch
Patch15: krb5-lookup_etypes-leak.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: mktemp, grep, /bin/touch, coreutils
PreReq: %insserv_prereq %fillup_prereq
@ -185,7 +184,6 @@ Include Files for Development
%patch12 -p1
%patch13 -p0
%patch14 -p1
%patch15 -p1
%build
# needs to be re-generated

12
krb5.changes
View File

@ -1,3 +1,15 @@
-------------------------------------------------------------------
Sun Apr 28 17:14:36 CEST 2013 - mc@suse.de
- update to version 1.11.2
* Incremental propagation could erroneously act as if a slave's
database were current after the slave received a full dump
that failed to load.
* gss_import_sec_context incorrectly set internal state that
identifies whether an imported context is from an interposer
mechanism or from the underlying mechanism.
- upstream fix obsolete krb5-lookup_etypes-leak.patch
-------------------------------------------------------------------
Thu Apr 4 15:10:19 CEST 2013 - mc@suse.de

6
krb5.spec
View File

@ -17,7 +17,7 @@
%define build_mini 0
%define srcRoot krb5-1.11.1
%define srcRoot krb5-1.11.2
%define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
%define krb5docdir %{_defaultdocdir}/krb5
@ -31,7 +31,7 @@ BuildRequires: keyutils-devel
BuildRequires: libcom_err-devel
BuildRequires: libselinux-devel
BuildRequires: ncurses-devel
Version: 1.11.1
Version: 1.11.2
Release: 0
Summary: MIT Kerberos5 Implementation--Libraries
License: MIT
@ -74,7 +74,6 @@ Patch11: krb5-1.9-ksu-path.patch
Patch12: krb5-1.11-selinux-label.patch
Patch13: krb5-1.9-debuginfo.patch
Patch14: krb5-kvno-230379.patch
Patch15: krb5-lookup_etypes-leak.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: mktemp, grep, /bin/touch, coreutils
PreReq: %insserv_prereq %fillup_prereq
@ -185,7 +184,6 @@ Include Files for Development
%patch12 -p1
%patch13 -p0
%patch14 -p1
%patch15 -p1
%build
# needs to be re-generated