Date: Tue, 15 Nov 2022 16:38:27 GMT From: Cy Schubert <cy@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org Subject: git: 56d3772e3cc7 - 2022Q4 - security/krb5-118: CVE-2022-42898: IGNORE and accelerate removal Message-ID: <202211151638.2AFGcRFt029436@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch 2022Q4 has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=56d3772e3cc7b742d4d6c75a26c7d1388f45b94f commit 56d3772e3cc7b742d4d6c75a26c7d1388f45b94f Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2022-11-15 16:32:20 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2022-11-15 16:38:15 +0000 security/krb5-118: CVE-2022-42898: IGNORE and accelerate removal krb5-118 was desupported by MIT when krb5-120 was released. CVE-2022-42898 now requires its accelerated removal from the tree. It is now flagged IGNORE until its removal on Nov 30, 2022. Security: CVE-2022-42898 (cherry picked from commit c49050564ffcf36e155344562f594e15b82a5194) --- security/krb5-118/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/security/krb5-118/Makefile b/security/krb5-118/Makefile index aa59adb40e57..333a851254fd 100644 --- a/security/krb5-118/Makefile +++ b/security/krb5-118/Makefile @@ -7,7 +7,8 @@ PKGNAMESUFFIX= -118 .endif DEPECATED= Desupported by MIT following 1.20 -EXPIRY= 2023-05-26 +EXPIRY= 2022-11-30 +IGNORE= Affected by CVE-2022-42898: integer overflow vulnerabilities in PAC parsing PATCH_SITES= http://web.mit.edu/kerberos/advisories/ PATCH_DIST_STRIP= -p2
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202211151638.2AFGcRFt029436>