| Summary: | security/heimdal: update to 7.5.0 (security update, fixes remote DoS) | | |
|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Vidar Karlsen <vidar> |
| Component: | Individual Port(s) | Assignee: | Hiroki Sato <hrs> |
| Status: | Closed FIXED | | |
| Severity: | Affects Many People | CC: | ports-secteam, vlad-fbsd |
| Priority: | Normal | Keywords: | patch, security |
| Version: | Latest | Flags: | bugzilla: maintainer-feedback? (hrs), vidar: merge-quarterly? |
| Hardware: | Any | | |
| OS: | Any | | |
| Attachments: | | | |
poudriere testport done successfully on:

* 10.3-RELEASE amd64
* 10.3-RELEASE i386
* 10.4-RELEASE amd64
* 10.4-RELEASE i386
* 11.1-RELEASE amd64
* 11.1-RELEASE i386

Maintainer timeout, back to the pool.

Ping ports-secteam@

A commit references this bug:

Author: hrs

Date: Tue Jan 23 10:35:25 UTC 2018

New revision: 459739

URL: https://svnweb.freebsd.org/changeset/ports/459739

Log:

Update to 7.5.0:

- In Heimdal 7.1 through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm.

Security: CVE-2017-17439

PR: 224191

Changes:

* head/security/heimdal/Makefile
* head/security/heimdal/distinfo

Created attachment 188636

Proposed patch

Builds fine on 11.1-RELEASE (poudriere testport). Portlint throws some warnings but they were there before also. Fixed a space-instead-of-tab while I was editing the Makefile.

Snipped from release notes:

This is a security release of Heimdal

This release patches a remote denial of service

CVE-2017-17439: In Heimdal 7.1 through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm.