rpm/libheimdal
SHA256
1
0
Fork 0
forked from pool/libheimdal
Code Pull Requests Activity

Accepting request 514480 from network

Browse Source 
1

OBS-URL: https://build.opensuse.org/request/show/514480
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libheimdal?expand=0&rev=5
This commit is contained in:
Yuchen Lin 2017-08-10 12:05:08 +00:00 committed by Git OBS Bridge
commit dc762e5c7e
5 changed files with 23 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
heimdal-7.3.0-patched.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:550e99237a823e3aeda6ac25de59b4edafaee8a5eb1769145d0f5c9fce01a672
size 7458288

3
heimdal-7.4.0-patched.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f49a302ab803b536dbc2c1c0e33d9b35ab859fc8e8785908d7e1cb1a78afabe0
size 7457572

2
heimdal-patched.diff
View File

@ -4,7 +4,7 @@ diff -uNr heimdal-7.3.0/configure.ac heimdal-7.3.0-patched/configure.ac
@@ -3,7 +3,6 @@ @@ -3,7 +3,6 @@
AC_PREREQ(2.62) AC_PREREQ(2.62)
test -z "$CFLAGS" && CFLAGS="-g" test -z "$CFLAGS" && CFLAGS="-g"
AC_INIT([Heimdal],[7.3.0],[https://github.com/heimdal/heimdal/issues]) AC_INIT([Heimdal],[7.4.0],[https://github.com/heimdal/heimdal/issues])
-AC_CONFIG_SRCDIR([kuser/kinit.c]) -AC_CONFIG_SRCDIR([kuser/kinit.c])
AC_CONFIG_HEADERS(include/config.h) AC_CONFIG_HEADERS(include/config.h)
AC_CONFIG_MACRO_DIR([cf]) AC_CONFIG_MACRO_DIR([cf])

18
libheimdal.changes
View File

@ -1,3 +1,21 @@
-------------------------------------------------------------------
Thu Aug 03 20:25:45 UTC 2017 - joerg.lorenzen@ki.tng.de
- Update to version 7.4.0
- Security
- Fix CVE-2017-11103: Orpheus' Lyre KDC-REP service name
validation.
This is a critical vulnerability.
In _krb5_extract_ticket() the KDC-REP service name must be
obtained from encrypted version stored in 'enc_part' instead
of the unencrypted version stored in 'ticket'.
Use of the unecrypted version provides an opportunity for
successful server impersonation and other attacks.
Identified by Jeffrey Altman, Viktor Duchovni and
Nico Williams.
See https://www.orpheus-lyre.info/ for more details.
- Fixed heimdal-patched.diff.
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Jun 15 20:52:17 UTC 2017 - joerg.lorenzen@ki.tng.de Thu Jun 15 20:52:17 UTC 2017 - joerg.lorenzen@ki.tng.de

2
libheimdal.spec
View File

@ -20,7 +20,7 @@ Name: libheimdal
Summary: The Heimdal implementation of the Kerberos 5 protocol Summary: The Heimdal implementation of the Kerberos 5 protocol
License: BSD-3-Clause License: BSD-3-Clause
Group: Productivity/Networking/Security Group: Productivity/Networking/Security
Version: 7.3.0 Version: 7.4.0
Release: 0 Release: 0
Url: http://www.h5l.org Url: http://www.h5l.org
# patched source can be created with script heimdal-patch-source.sh: # patched source can be created with script heimdal-patch-source.sh: