Hello community,
here is the log from the commit of package krb5 for openSUSE:Factory checked in at 2014-09-03 18:21:36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/krb5 (Old)
and /work/SRC/openSUSE:Factory/.krb5.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "krb5"
Changes:
--------
--- /work/SRC/openSUSE:Factory/krb5/krb5-mini.changes 2014-08-20 17:53:42.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.krb5.new/krb5-mini.changes 2014-09-03 20:09:20.000000000 +0200
@@ -1,0 +2,33 @@
+Sat Aug 30 22:29:28 UTC 2014 - andreas.stieger@gmx.de
+
+- krb5 5.12.2:
+ * Work around a gcc optimizer bug that could cause DB2 KDC
+ database operations to spin in an infinite loop
+ * Fix a backward compatibility problem with the LDAP KDB schema
+ that could prevent krb5-1.11 and later from decoding entries
+ created by krb5-1.6.
+ * Avoid an infinite loop under some circumstances when the GSS
+ mechglue loads a dynamic mechanism.
+ * Fix krb5kdc argument parsing so "-w" and "-r" options work
+ togetherreliably.
+- Vulnerability fixes previously fixed in package via patches:
+ * Handle certain invalid RFC 1964 GSS tokens correctly to avoid
+ invalid memory reference vulnerabilities. [CVE-2014-4341
+ CVE-2014-4342]
+ * Fix memory management vulnerabilities in GSSAPI SPNEGO.
+ [CVE-2014-4343 CVE-2014-4344]
+ * Fix buffer overflow vulnerability in LDAP KDB back end.
+ [CVE-2014-4345]
+- updated patches:
+ * krb5-1.7-doublelog.patch for context change
+ * krb5-1.6.3-ktutil-manpage.dif, same
+- removed patches, in upstream:
+ * krb5-master-keyring-kdcsync.patch
+ * krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch
+ * krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch
+ * krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch
+ * krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch
+- Fix build with doxygen 1.8.8 - adding krb5-1.12-doxygen.patch
+ from upstream
+
+-------------------------------------------------------------------
krb5.changes: same change
Old:
----
krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch
krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch
krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch
krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch
krb5-1.12.1.tar.gz
krb5-master-keyring-kdcsync.patch
New:
----
krb5-1.12-doxygen.patch
krb5-1.12.2.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ krb5-mini.spec ++++++
--- /var/tmp/diff_new_pack.1diBgX/_old 2014-09-03 20:09:22.000000000 +0200
+++ /var/tmp/diff_new_pack.1diBgX/_new 2014-09-03 20:09:22.000000000 +0200
@@ -17,7 +17,7 @@
%define build_mini 1
-%define srcRoot krb5-1.12.1
+%define srcRoot krb5-1.12.2
%define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
%define krb5docdir %{_defaultdocdir}/krb5
@@ -30,7 +30,7 @@
BuildRequires: libcom_err-devel
BuildRequires: libselinux-devel
BuildRequires: ncurses-devel
-Version: 1.12.1
+Version: 1.12.2
Release: 0
Summary: MIT Kerberos5 Implementation--Libraries
License: MIT
@@ -82,11 +82,7 @@
Patch12: krb5-1.12-selinux-label.patch
Patch13: krb5-1.9-debuginfo.patch
Patch14: krb5-kvno-230379.patch
-Patch15: krb5-master-keyring-kdcsync.patch
-Patch16: krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch
-Patch17: krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch
-Patch18: krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch
-Patch19: krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch
+Patch20: krb5-1.12-doxygen.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: mktemp, grep, /bin/touch, coreutils
PreReq: %fillup_prereq
@@ -206,11 +202,7 @@
%patch12 -p1
%patch13 -p0
%patch14 -p1
-%patch15 -p1
-%patch16 -p1
-%patch17 -p1
-%patch18 -p1
-%patch19 -p1
+%patch20 -p1
%build
# needs to be re-generated
++++++ krb5.spec ++++++
--- /var/tmp/diff_new_pack.1diBgX/_old 2014-09-03 20:09:22.000000000 +0200
+++ /var/tmp/diff_new_pack.1diBgX/_new 2014-09-03 20:09:22.000000000 +0200
@@ -17,7 +17,7 @@
%define build_mini 0
-%define srcRoot krb5-1.12.1
+%define srcRoot krb5-1.12.2
%define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
%define krb5docdir %{_defaultdocdir}/krb5
@@ -30,7 +30,7 @@
BuildRequires: libcom_err-devel
BuildRequires: libselinux-devel
BuildRequires: ncurses-devel
-Version: 1.12.1
+Version: 1.12.2
Release: 0
Summary: MIT Kerberos5 Implementation--Libraries
License: MIT
@@ -82,11 +82,7 @@
Patch12: krb5-1.12-selinux-label.patch
Patch13: krb5-1.9-debuginfo.patch
Patch14: krb5-kvno-230379.patch
-Patch15: krb5-master-keyring-kdcsync.patch
-Patch16: krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch
-Patch17: krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch
-Patch18: krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch
-Patch19: krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch
+Patch20: krb5-1.12-doxygen.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: mktemp, grep, /bin/touch, coreutils
PreReq: %fillup_prereq
@@ -206,11 +202,7 @@
%patch12 -p1
%patch13 -p0
%patch14 -p1
-%patch15 -p1
-%patch16 -p1
-%patch17 -p1
-%patch18 -p1
-%patch19 -p1
+%patch20 -p1
%build
# needs to be re-generated
++++++ krb5-1.12-doxygen.patch ++++++
commit b7a4d695263f1a5b7fe72b1eadce4acdc3f0490b
From: Ben Kaduk