From owner-svn-ports-head@freebsd.org  Wed Oct 18 14:17:41 2017
Return-Path: <owner-svn-ports-head@freebsd.org>
Delivered-To: svn-ports-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 495DAE3A14B;
 Wed, 18 Oct 2017 14:17:41 +0000 (UTC)
 (envelope-from woodsb02@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 0A6F57F288;
 Wed, 18 Oct 2017 14:17:40 +0000 (UTC)
 (envelope-from woodsb02@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v9IEHes7072529;
 Wed, 18 Oct 2017 14:17:40 GMT (envelope-from woodsb02@FreeBSD.org)
Received: (from woodsb02@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id v9IEHdvk072527;
 Wed, 18 Oct 2017 14:17:39 GMT (envelope-from woodsb02@FreeBSD.org)
Message-Id: <201710181417.v9IEHdvk072527@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: woodsb02 set sender to
 woodsb02@FreeBSD.org using -f
From: Ben Woods <woodsb02@FreeBSD.org>
Date: Wed, 18 Oct 2017 14:17:39 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r452335 - head/security/vuxml
X-SVN-Group: ports-head
X-SVN-Commit-Author: woodsb02
X-SVN-Commit-Paths: head/security/vuxml
X-SVN-Commit-Revision: 452335
X-SVN-Commit-Repository: ports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-head>, 
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Oct 2017 14:17:41 -0000

Author: woodsb02
Date: Wed Oct 18 14:17:39 2017
New Revision: 452335
URL: https://svnweb.freebsd.org/changeset/ports/452335

Log:
  Doucument recent MIT Kerberos (krb5) vulnerabilities

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Wed Oct 18 14:00:42 2017	(r452334)
+++ head/security/vuxml/vuln.xml	Wed Oct 18 14:17:39 2017	(r452335)
@@ -58,6 +58,45 @@ Notes:
   * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="3f3837cc-48fb-4414-aa46-5b1c23c9feae">
+    <topic>krb5 -- Multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>krb5</name>
+	<range><lt>1.14.6</lt></range>
+	<range><ge>1.15</ge><lt>1.15.2</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>MIT reports:</p>
+	<blockquote cite="http://krbdev.mit.edu/rt/Ticket/Display.html?id=8599">
+	  <p>CVE-2017-11368:</p>
+	  <p>In MIT krb5 1.7 and later, an authenticated attacker can cause an assertion failure in krb5kdc by sending an invalid S4U2Self or S4U2Proxy request.</p>
+	</blockquote>
+	<blockquote cite="http://krbdev.mit.edu/rt/Ticket/Display.html?id=8598">
+	  <p>CVE-2017-11462:</p>
+	  <p>RFC 2744 permits a GSS-API implementation to delete an existing security context on a second or subsequent call to gss_init_sec_context() or gss_accept_sec_context() if the call results in an error.  This API behavior has been found to be dangerous, leading to the possibility of memory errors in some callers.  For safety, GSS-API implementations should instead preserve existing security contexts on error until the caller deletes them.</p>
+	  <p>All versions of MIT krb5 prior to this change may delete acceptor contexts on error.  Versions 1.13.4 through 1.13.7, 1.14.1 through 1.14.5, and 1.15 through 1.15.1 may also delete initiator contexts on error.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>https://nvd.nist.gov/vuln/detail/CVE-2017-11368</url>
+      <url>https://krbdev.mit.edu/rt/Ticket/Display.html?id=8599</url>
+      <url>https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970</url>
+      <url>https://nvd.nist.gov/vuln/detail/CVE-2017-11462</url>
+      <url>https://krbdev.mit.edu/rt/Ticket/Display.html?id=8598</url>
+      <url>https://github.com/krb5/krb5/commit/56f7b1bc95a2a3eeb420e069e7655fb181ade5cf</url>
+      <cvename>CVE-2017-11368</cvename>
+      <cvename>CVE-2017-11462</cvename>
+    </references>
+    <dates>
+      <discovery>2017-07-14</discovery>
+      <entry>2017-10-18</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="c41bedfd-b3f9-11e7-ac58-b499baebfeaf">
     <topic>MySQL -- multiple vulnerabilities</topic>
     <affects>