Date: Mon, 08 Jun 2026 15:03:33 +0000
From: Cy Schubert <cy@FreeBSD.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org
Subject: git: 17cf42b9b7b2 - 2026Q2 - security/krb5-122: Fix null dereference in SPNEGO token processing
Message-ID: <6a26d9c5.18cce.7b6f742f@gitrepo.freebsd.org>
The branch 2026Q2 has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=17cf42b9b7b20ff12e8794390fc0fa93aacc786e commit 17cf42b9b7b20ff12e8794390fc0fa93aacc786e Author: Cy Schubert <cy@FreeBSD.org> AuthorDate: 2026-06-08 14:42:25 +0000 Commit: Cy Schubert <cy@FreeBSD.org> CommitDate: 2026-06-08 15:03:19 +0000 security/krb5-122: Fix null dereference in SPNEGO token processing krb5 1.22.1 erroneously removed a check from get_negTokenResp() for successful decoding of the mechListMIC field. Restore the check to prevent a null pointer dereference. Commit message details obtained from upstream commit. Obtained from: Upstream commit 4ae75cded src commit efb5c07f91c5 (cherry picked from commit cfb473892e7ff64daa2ea4f3fdc63768eaed66d3) --- security/krb5-122/Makefile | 1 + .../krb5-122/files/patch-lib_gssapi_spnego_spnego__mech.c | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/security/krb5-122/Makefile b/security/krb5-122/Makefile index 4e0b6a98e8e6..ba1c1c249666 100644 --- a/security/krb5-122/Makefile +++ b/security/krb5-122/Makefile @@ -1,5 +1,6 @@ PORTNAME= krb5 PORTVERSION= 1.22.2 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/ .if !defined(MASTERDIR) diff --git a/security/krb5-122/files/patch-lib_gssapi_spnego_spnego__mech.c b/security/krb5-122/files/patch-lib_gssapi_spnego_spnego__mech.c new file mode 100644 index 000000000000..fb90baba82c6 --- /dev/null +++ b/security/krb5-122/files/patch-lib_gssapi_spnego_spnego__mech.c 
@@ -0,0 +1,11 @@ +--- lib/gssapi/spnego/spnego_mech.c.orig 2026-01-29 15:18:10.000000000 -0800 ++++ lib/gssapi/spnego/spnego_mech.c 2026-06-08 07:36:13.575675000 -0700 +@@ -3517,6 +3517,8 @@ + + if (k5_der_get_value(&seq, CONTEXT | 0x03, &field)) { + *mechListMIC = get_octet_string(&field); ++ if (*mechListMIC == GSS_C_NO_BUFFER) ++ return GSS_S_DEFECTIVE_TOKEN; + + /* Handle Windows 2000 duplicate response token */ + if (*responseToken &&home | help
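Review bot: The new early return after `*mechListMIC = get_octet_string(&field);` in the spnego_mech.c hunk exits with GSS_S_DEFECTIVE_TOKEN at a point where earlier output parameters may already be populated; the context line just below it tests `*responseToken`, so that pointer can be non-null here. Please confirm that the caller releases those outputs on an error return, or release them before returning, so that a malformed mechListMIC field does not trade the null dereference for a leak. A one-line comment above the check stating that get_octet_string() yields GSS_C_NO_BUFFER when the field fails to decode would make the intent clear, and the patch file could name upstream commit 4ae75cded in a header comment so it is easy to drop once the port moves to a release that contains the fix.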
