Date: Mon, 26 Jul 2021 19:56:23 GMT From: Cy Schubert <cy@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: f6f818b90ed8 - main - security/krb5-119: Update to 1.19.2 Message-ID: <202107261956.16QJuNQL000546@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=f6f818b90ed876c718a3b2c69cee423c9acc3431 commit f6f818b90ed876c718a3b2c69cee423c9acc3431 Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2021-07-26 19:43:30 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2021-07-26 19:55:38 +0000 security/krb5-119: Update to 1.19.2 The announcement as follows: The MIT Kerberos Team announces the availability of MIT Kerberos 5 Releases 1.19.2 and 1.18.4. Please see below for a list of some major changes included, or consult the README file in the source tree for a more detailed list of significant changes. Retrieving krb5-1.19.2 and krb5-1.18.4 ====================================== You may retrieve the krb5-1.19.2 and krb5-1.18.4 sources from the following URL: https://kerberos.org/dist/ The homepage for the krb5-1.19.2 and krb5-1.18.4 releases are: https://web.mit.edu/kerberos/krb5-1.19/ https://web.mit.edu/kerberos/krb5-1.18/ Further information about Kerberos 5 may be found at the following URL: https://web.mit.edu/kerberos/ Triple-DES transition ===================== Beginning with the krb5-1.19 release, a warning will be issued if initial credentials are acquired using the des3-cbc-sha1 encryption type. In future releases, this encryption type will be disabled by default and eventually removed. Beginning with the krb5-1.18 release, single-DES encryption types have been removed. Major changes in 1.19.2 and 1.18.4 (2021-07-22) =============================================== These are bug fix releases. * Fix a denial of service attack against the KDC encrypted challenge code [CVE-2021-36222]. * Fix a memory leak when gss_inquire_cred() is called without a credential handle. MFH: 2021Q3 Security: CVE-2021-36222 --- security/krb5-119/Makefile | 2 +- security/krb5-119/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/security/krb5-119/Makefile b/security/krb5-119/Makefile index 9d7d1a1a7430..0ee8b5743b8b 100644 --- a/security/krb5-119/Makefile +++ b/security/krb5-119/Makefile @@ -1,7 +1,7 @@ # Created by: nectar@FreeBSD.org PORTNAME= krb5 -PORTVERSION= 1.19.1 +PORTVERSION= 1.19.2 CATEGORIES= security MASTER_SITES= http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/ .if !defined(MASTERDIR) diff --git a/security/krb5-119/distinfo b/security/krb5-119/distinfo index 1b2f152b4798..aadda359d686 100644 --- a/security/krb5-119/distinfo +++ b/security/krb5-119/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1613747601 -SHA256 (krb5-1.19.1.tar.gz) = fa16f87eb7e3ec3586143c800d7eaff98b5e0dcdf0772af7d98612e49dbeb20b -SIZE (krb5-1.19.1.tar.gz) = 8738142 +TIMESTAMP = 1627327746 +SHA256 (krb5-1.19.2.tar.gz) = 10453fee4e3a8f8ce6129059e5c050b8a65dab1c257df68b99b3112eaa0cdf6a +SIZE (krb5-1.19.2.tar.gz) = 8741053
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202107261956.16QJuNQL000546>