Created attachment 188636
Proposed patch

Builds fine on 11.1-RELEASE (poudriere testport). Portlint throws some warnings but they were there before also. Fixed a space-instead-of-tab while I was editing the Makefile.

Snipped from release notes:

This is a security release of Heimdal

This release patches a remote denial of service

CVE-2017-17439: In Heimdal 7.1 through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm.
poudriere testport done successfully on:
* 10.3-RELEASE amd64
* 10.3-RELEASE i386
* 10.4-RELEASE amd64
* 10.4-RELEASE i386
* 11.1-RELEASE amd64
* 11.1-RELEASE i386
Maintainer timeout, back to the pool. Ping ports-secteam@
A commit references this bug:

Author: hrs
Date: Tue Jan 23 10:35:25 UTC 2018
New revision: 459739
URL: https://svnweb.freebsd.org/changeset/ports/459739

Log:
  Update to 7.5.0:

  - In Heimdal 7.1 through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm.

  Security: CVE-2017-17439
  PR: 224191

Changes:
  head/security/heimdal/Makefile
  head/security/heimdal/distinfo