Bug 193020 - [UPDATE] security/pam_google_authenticator: Include improvements against brute force attack
Summary: [UPDATE] security/pam_google_authenticator: Include improvements against brut...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Thomas Zander
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-08-26 16:23 UTC by rsimmons0
Modified: 2014-10-27 06:00 UTC (History)
2 users (show)

See Also:


Attachments
patch to update security/pam_google_authenticator (2.24 KB, patch)
2014-08-26 16:23 UTC, rsimmons0
koobs: maintainer-approval? (jnlin)
Details | Diff
updated distfile (37.40 KB, application/octet-stream)
2014-08-26 16:23 UTC, rsimmons0
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description rsimmons0 2014-08-26 16:23:13 UTC
Created attachment 146318 [details]
patch to update security/pam_google_authenticator

There have been two upstream changes recently to google authenticator, one of which is fix for brute force attacks as described here:
https://code.google.com/p/google-authenticator/source/detail?r=86af4c32a2940b13397cac52eee435e6acedb8a5

I have updated the port to include all changes up until today's date. The file that can be downloaded from Google code changes size every time its downloaded, so it can't be used as a distfile. I have included an updated version of the distfile along with a patch to update this port.
Comment 1 rsimmons0 2014-08-26 16:23:56 UTC
Created attachment 146319 [details]
updated distfile
Comment 2 John Marino freebsd_committer 2014-08-26 18:49:49 UTC
Maintainer needs to approval, notifying in CC

Also, committer needs to host distfile in LOCAL/
Comment 3 rsimmons0 2014-08-26 18:51:13 UTC
Sorry, how do I host the distfile?
Comment 4 John Marino freebsd_committer 2014-09-04 17:21:07 UTC
I said "the committer", not "the submitter".  You are the submitter.
Comment 5 John Marino freebsd_committer 2014-09-20 18:32:19 UTC
This PR timed out thus maintainer approval is no longer required.  I'm moving it to "patch-ready" status.  However, the committer that takes this PR needs to also host the distfile in their LOCAL/ directory.
Comment 6 rsimmons0 2014-09-21 00:58:17 UTC
I'm willing to take maintainership of this port, if the current maintainer is willing or has gone MIA.
Comment 7 commit-hook freebsd_committer 2014-10-18 08:52:01 UTC
A commit references this bug:

Author: riggs
Date: Sat Oct 18 08:51:47 UTC 2014
New revision: 371100
URL: https://svnweb.freebsd.org/changeset/ports/371100

Log:
  - Update to upstream version 20140826

  PR:		193020
  Submitted by:	rsimmons0@gmail.com
  Approved by:	maintainer timeout

Changes:
  head/security/pam_google_authenticator/Makefile
  head/security/pam_google_authenticator/distinfo
  head/security/pam_google_authenticator/files/patch-Makefile
Comment 8 Thomas Zander freebsd_committer 2014-10-18 08:54:09 UTC
If the maintainer remains unresponsive / MIA, you can submit a patch with the next update in which you change the maintainer email address in the Makefile. Thanks!