Hello community, here is the log from the commit of package krb5 for openSUSE:Factory checked in at 2014-09-03 18:21:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/krb5 (Old) and /work/SRC/openSUSE:Factory/.krb5.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "krb5" Changes: -------- --- /work/SRC/openSUSE:Factory/krb5/krb5-mini.changes 2014-08-20 17:53:42.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.krb5.new/krb5-mini.changes 2014-09-03 20:09:20.000000000 +0200 @@ -1,0 +2,33 @@ +Sat Aug 30 22:29:28 UTC 2014 - andreas.stieger@gmx.de + +- krb5 5.12.2: + * Work around a gcc optimizer bug that could cause DB2 KDC + database operations to spin in an infinite loop + * Fix a backward compatibility problem with the LDAP KDB schema + that could prevent krb5-1.11 and later from decoding entries + created by krb5-1.6. + * Avoid an infinite loop under some circumstances when the GSS + mechglue loads a dynamic mechanism. + * Fix krb5kdc argument parsing so "-w" and "-r" options work + togetherreliably. +- Vulnerability fixes previously fixed in package via patches: + * Handle certain invalid RFC 1964 GSS tokens correctly to avoid + invalid memory reference vulnerabilities. [CVE-2014-4341 + CVE-2014-4342] + * Fix memory management vulnerabilities in GSSAPI SPNEGO. + [CVE-2014-4343 CVE-2014-4344] + * Fix buffer overflow vulnerability in LDAP KDB back end. + [CVE-2014-4345] +- updated patches: + * krb5-1.7-doublelog.patch for context change + * krb5-1.6.3-ktutil-manpage.dif, same +- removed patches, in upstream: + * krb5-master-keyring-kdcsync.patch + * krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch + * krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch + * krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch + * krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch +- Fix build with doxygen 1.8.8 - adding krb5-1.12-doxygen.patch + from upstream + +------------------------------------------------------------------- krb5.changes: same change Old: ---- krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch krb5-1.12.1.tar.gz krb5-master-keyring-kdcsync.patch New: ---- krb5-1.12-doxygen.patch krb5-1.12.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ krb5-mini.spec ++++++ --- /var/tmp/diff_new_pack.1diBgX/_old 2014-09-03 20:09:22.000000000 +0200 +++ /var/tmp/diff_new_pack.1diBgX/_new 2014-09-03 20:09:22.000000000 +0200 @@ -17,7 +17,7 @@ %define build_mini 1 -%define srcRoot krb5-1.12.1 +%define srcRoot krb5-1.12.2 %define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/ %define krb5docdir %{_defaultdocdir}/krb5 @@ -30,7 +30,7 @@ BuildRequires: libcom_err-devel BuildRequires: libselinux-devel BuildRequires: ncurses-devel -Version: 1.12.1 +Version: 1.12.2 Release: 0 Summary: MIT Kerberos5 Implementation--Libraries License: MIT @@ -82,11 +82,7 @@ Patch12: krb5-1.12-selinux-label.patch Patch13: krb5-1.9-debuginfo.patch Patch14: krb5-kvno-230379.patch -Patch15: krb5-master-keyring-kdcsync.patch -Patch16: krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch -Patch17: krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch -Patch18: krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch -Patch19: krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch +Patch20: krb5-1.12-doxygen.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: mktemp, grep, /bin/touch, coreutils PreReq: %fillup_prereq @@ -206,11 +202,7 @@ %patch12 -p1 %patch13 -p0 %patch14 -p1 -%patch15 -p1 -%patch16 -p1 -%patch17 -p1 -%patch18 -p1 -%patch19 -p1 +%patch20 -p1 %build # needs to be re-generated ++++++ krb5.spec ++++++ --- /var/tmp/diff_new_pack.1diBgX/_old 2014-09-03 20:09:22.000000000 +0200 +++ /var/tmp/diff_new_pack.1diBgX/_new 2014-09-03 20:09:22.000000000 +0200 @@ -17,7 +17,7 @@ %define build_mini 0 -%define srcRoot krb5-1.12.1 +%define srcRoot krb5-1.12.2 %define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/ %define krb5docdir %{_defaultdocdir}/krb5 @@ -30,7 +30,7 @@ BuildRequires: libcom_err-devel BuildRequires: libselinux-devel BuildRequires: ncurses-devel -Version: 1.12.1 +Version: 1.12.2 Release: 0 Summary: MIT Kerberos5 Implementation--Libraries License: MIT @@ -82,11 +82,7 @@ Patch12: krb5-1.12-selinux-label.patch Patch13: krb5-1.9-debuginfo.patch Patch14: krb5-kvno-230379.patch -Patch15: krb5-master-keyring-kdcsync.patch -Patch16: krb5-1.12-CVE-2014-4341-CVE-2014-4342.patch -Patch17: krb5-1.12-CVE-2014-4343-Fix-double-free-in-SPNEGO.patch -Patch18: krb5-1.12-CVE-2014-4344-Fix-null-deref-in-SPNEGO-acceptor.patch -Patch19: krb5-1.12-CVE-2014-4345-buffer-overrun-in-kadmind-with-LDAP-backend.patch +Patch20: krb5-1.12-doxygen.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: mktemp, grep, /bin/touch, coreutils PreReq: %fillup_prereq @@ -206,11 +202,7 @@ %patch12 -p1 %patch13 -p0 %patch14 -p1 -%patch15 -p1 -%patch16 -p1 -%patch17 -p1 -%patch18 -p1 -%patch19 -p1 +%patch20 -p1 %build # needs to be re-generated ++++++ krb5-1.12-doxygen.patch ++++++ commit b7a4d695263f1a5b7fe72b1eadce4acdc3f0490b From: Ben Kaduk <kaduk@mit.edu> Date: Thu Aug 28 17:54:39 2014 -0400 Subject: Map .hin files to the C language for doxygen Upstream: Committed References: https://github.com/krb5/krb5/commit/b7a4d695263f1a5b7fe72b1eadce4acdc3f0490b https://github.com/krb5/krb5/pull/198 Doxygen 1.8.8 is unhappy with the generated Doxyfile, and does not handle krb5.hin in the expected fashion (as a C header). Work around this issue by explicitly specifying that files with the .hin extension are to be treated as C language files. Fixes the following build failure with doxygen 1.8.8: [ 326s] cp rst_apiref/*.rst rst_composite/appdev/refs/api [ 326s] cp: cannot stat 'rst_apiref/*.rst': No such file or directory [ 326s] Makefile:692: recipe for target 'composite' failed [ 326s] make: *** [composite] Error 1 diff --git a/src/doc/Doxyfile.in b/src/doc/Doxyfile.in index 2082b6d..c225864 100644 --- a/src/doc/Doxyfile.in +++ b/src/doc/Doxyfile.in @@ -4,6 +4,7 @@ JAVADOC_AUTOBRIEF = YES OPTIMIZE_OUTPUT_FOR_C = YES WARN_IF_UNDOCUMENTED = NO SHOW_FILES = NO +EXTENSION_MAPPING = hin=C INPUT = @SRC@/include/krb5/krb5.hin @DOC@/doxy_examples EXAMPLE_PATH = @DOC@/doxy_examples GENERATE_HTML = NO lines 1-28/28 (END) ++++++ krb5-1.12.1.tar.gz -> krb5-1.12.2.tar.gz ++++++ /work/SRC/openSUSE:Factory/krb5/krb5-1.12.1.tar.gz /work/SRC/openSUSE:Factory/.krb5.new/krb5-1.12.2.tar.gz differ: char 5, line 1 ++++++ krb5-1.6.3-ktutil-manpage.dif ++++++ --- /var/tmp/diff_new_pack.1diBgX/_old 2014-09-03 20:09:22.000000000 +0200 +++ /var/tmp/diff_new_pack.1diBgX/_new 2014-09-03 20:09:22.000000000 +0200 @@ -1,9 +1,13 @@ -Index: krb5-1.11/src/man/ktutil.man +--- + src/man/ktutil.man | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +Index: krb5-1.12.2/src/man/ktutil.man =================================================================== ---- krb5-1.11.orig/src/man/ktutil.man -+++ krb5-1.11/src/man/ktutil.man -@@ -158,6 +158,18 @@ ktutil: - .fi +--- krb5-1.12.2.orig/src/man/ktutil.man 2014-08-30 23:06:53.000000000 +0100 ++++ krb5-1.12.2/src/man/ktutil.man 2014-08-30 23:07:00.000000000 +0100 +@@ -162,6 +162,18 @@ ktutil: + .UNINDENT .UNINDENT .UNINDENT +.SH REMARKS ++++++ krb5-1.7-doublelog.patch ++++++ --- /var/tmp/diff_new_pack.1diBgX/_old 2014-09-03 20:09:22.000000000 +0200 +++ /var/tmp/diff_new_pack.1diBgX/_new 2014-09-03 20:09:22.000000000 +0200 @@ -1,16 +1,20 @@ Don't double-log (actually, don't process /etc/krb5.conf twice) just because we built with --sysconfdir=/etc. RT#3277 -Index: krb5-1.10.2/src/include/Makefile.in +--- + src/include/Makefile.in | 2 ++ + 1 file changed, 2 insertions(+) + +Index: krb5-1.12.2/src/include/Makefile.in =================================================================== ---- krb5-1.10.2.orig/src/include/Makefile.in -+++ krb5-1.10.2/src/include/Makefile.in -@@ -67,6 +67,8 @@ PROCESS_REPLACE = -e "s+@KRB5RCTMPDIR+$( +--- krb5-1.12.2.orig/src/include/Makefile.in 2014-08-30 23:08:41.000000000 +0100 ++++ krb5-1.12.2/src/include/Makefile.in 2014-08-30 23:09:04.000000000 +0100 +@@ -68,6 +68,8 @@ PROCESS_REPLACE = -e "s+@KRB5RCTMPDIR+$( -e "s+@GSSMODULEDIR+$(GSS_MODULE_DIR)+" \ -e 's+@LOCALSTATEDIR+$(LOCALSTATEDIR)+' \ -e 's+@SYSCONFDIR+$(SYSCONFDIR)+' \ + -e 's+:/etc/krb5.conf:/etc/krb5.conf"+:/etc/krb5.conf"+' \ + -e 's+"/etc/krb5.conf:/etc/krb5.conf"+"/etc/krb5.conf"+' \ - -e 's+@DYNOBJEXT+$(DYNOBJEXT)+' + -e 's+@DYNOBJEXT+$(DYNOBJEXT)+' \ + -e 's+@SYSCONFCONF+$(SYSCONFCONF)+' - OSCONFSRC = $(srcdir)/osconf.hin -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org