security/krb5 has a security problem, described in a recent advisory (and noted by portaudit). Fix: Here's a (probably poorly-styled) patch. Note that the portaudit source file needs to be fixed as well to tell it that 1.8.1_1 has the bug fixed. You should verify the PGP signature for the patch yourself. How-To-Repeat: # portupgrade krb5 watch it fail watch portupgrade fail to notice that it failed and delete the installed krb5 package anyway
Responsible Changed From-To: freebsd-ports-bugs->cy Fix synopsis and assign.
State Changed From-To: open->closed Committed. Thanks Garrett.
cy 2010-05-25 05:14:16 UTC FreeBSD ports repository Modified files: security/krb5 Makefile distinfo Log: Apply patch for MIT KRB5 security vulnerability MITKRB5-SA-2010-005. PR: 146939 Submitted by: wollman Security: MIT krb5 Security Advisory 2010-005 Revision Changes Path 1.139 +3 -1 ports/security/krb5/Makefile 1.41 +3 -0 ports/security/krb5/distinfo _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"