aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2012-01-10 15:18:10 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2012-01-10 15:18:10 +0000
commitbb7500d2700767ec6df3fe37b9f75dc53bc91347 (patch)
tree2542a1e219bd10464481814ecf3233f73fb2194b
parent40ede345ed720e9bca95dbbb08f8a0e564594722 (diff)
main/heimdal: security fix (CVE-2011-4862)
fixes #914
-rw-r--r--main/heimdal/APKBUILD6
-rw-r--r--main/heimdal/telnetd.patch14
2 files changed, 18 insertions, 2 deletions
diff --git a/main/heimdal/APKBUILD b/main/heimdal/APKBUILD
index 2136b5359e2..d4c258c11df 100644
--- a/main/heimdal/APKBUILD
+++ b/main/heimdal/APKBUILD
@@ -2,7 +2,7 @@
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
pkgname=heimdal
pkgver=1.4
-pkgrel=7
+pkgrel=8
pkgdesc="An implementation of Kerberos 5"
arch="all"
url="http://www.h5l.org/"
@@ -21,6 +21,7 @@ source="http://ftp4.de.freesbie.org/pub/misc/heimdal/src/$pkgname-$pkgver.tar.gz
005_all_heimdal-suid_fix.patch
014_all_heimdal-path.patch
heimdal-1.4-make.patch
+telnetd.patch
"
_builddir="$srcdir/$pkgname-$pkgver"
@@ -170,4 +171,5 @@ md5sums="31d08bbf47a77827fe97ef3f52b4c9c4 heimdal-1.4.tar.gz
2feec3924ee5230b54175b4d4000c872 003_all_heimdal-rxapps.patch
45aeb207f360f9f4e9e0fabc8bfeecbc 005_all_heimdal-suid_fix.patch
8208ae8c0b6ff5ab4f64af1693e9e396 014_all_heimdal-path.patch
-fa1753ec676029cd59a3ef24da55c144 heimdal-1.4-make.patch"
+fa1753ec676029cd59a3ef24da55c144 heimdal-1.4-make.patch
+f320b91692b872e28f446f9cf1bc68bf telnetd.patch"
diff --git a/main/heimdal/telnetd.patch b/main/heimdal/telnetd.patch
new file mode 100644
index 00000000000..9c4d10386c7
--- /dev/null
+++ b/main/heimdal/telnetd.patch
@@ -0,0 +1,14 @@
+Index: crypto/heimdal/appl/telnet/libtelnet/encrypt.c
+===================================================================
+--- appl/telnet/libtelnet/encrypt.c (revision 228798)
++++ appl/telnet/libtelnet/encrypt.c (working copy)
+@@ -736,6 +736,9 @@
+ int dir = kp->dir;
+ int ret = 0;
+
++ if (len > MAXKEYLEN)
++ len = MAXKEYLEN;
++
+ if (!(ep = (*kp->getcrypt)(*kp->modep))) {
+ if (len == 0)
+ return;