summaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-connectivity/krb5
Commit message (Collapse)AuthorAgeFilesLines
...
* krb5: fix CVE-2015-2695Wenzong Fan2015-12-182-0/+573
| | | | | | | | | | | | | | lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call. Backport upstream commit to fix it: https://github.com/krb5/krb5/commit/b51b33f2bc5d1497ddf5bd107f791c101695000d Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* krb5: upgrade to 1.13.2Roy Li2015-05-172-96/+24
| | | | | | | | | Upgrade to include the CVE fixes: [CVE-2014-5354] [CVE-2014-5353]... Remove the 0001-Return-only-new-keys-in-randkey-CVE-2014-5351.patch Regenerate the /var/run/krb5kdc dir Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* krb5: fix CVE-2014-5351Wenzong Fan2014-11-242-0/+93
| | | | | | | | | | | | The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authentic- ated users to forge tickets by leveraging administrative access. This back-ported patch fixes CVE-2014-5351. Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* krb5: add initscripts-functions to RDEPENDSChen Qi2014-11-071-0/+3
| | | | | | | | | | As this recipe doesn't inherit update-rc.d, we need to add to its runtime dependency initscripts-functions ourselves. Otherwise, we would spot errors in systemd systems when we execute commands like `systemctl start krb5-kdc'. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* krb5: use BP for the tarballRobert Yang2014-10-101-2/+2
| | | | | | | | | | | | | | Otherwise do_unpack failed when multilib: tar (child): /path/to/lib32-krb5-1.12.2.tar.gz: Cannot open: No such file or directory And do_patch error: ERROR: Command Error: exit status: 1 Output: Applying patch 0001-aclocal-Add-parameter-to-disable-keyutils-detection.patch can't find file to patch at input line 15 Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* krb5: update to version 1.12.2Jackie Huang2014-10-048-52/+437
| | | | | | | | | | | | | Changed: * Add init scripts and default configs based on debian * Add a patch for crosscompile nm * Add a patch to suppress /usr/lib in krb5-config * Add DESCRIPTION * Remove blacklist and inherit autotools-brokensep * Add PACKAGECONFIG for ldap and readline Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* meta-oe: use BPN in SRC_URIRobert Yang2014-07-151-1/+1
| | | | | | | | | | | | Fixed SRC_URI: * ${PN} -> ${BPN}, use ${BP} if it was ${PN}-${PV} * ${P} -> ${BP} Otherwise we would meet do_fetch errors when we do the multilib, native or nativesdk build. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* krb5: Blacklist because of broken with B!=SMartin Jansa2014-06-211-0/+2
| | | | Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issuesMatthieu CRAPET2014-02-231-1/+1
| | | | | | | | | | | | | Changes: - rename SUMMARY with length > 80 to DESCRIPTION - rename DESCRIPTION with length < 80 to (non present tag) SUMMARY - drop final point character at the end of SUMMARY string - remove trailing whitespace of SUMMARY line Note: don't bump PR Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* krb5: Add PACKAGECONFIG and new configure param to disable keyutils detectionMartin Jansa2013-10-052-1/+38
| | | | Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* krb5: Upgrade to 1.11.3Martin Jansa2013-10-051-6/+5
| | | | | | | | | | | | | | | | * 1.11 is often failing with: | common.o: file not recognized: File truncated | collect2: ld returned 1 exit status | make[2]: *** [t_export_name] Error 1 when higher parallelism is used 1.11.2 and newer have fix for that: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7587 * LIC_FILES_CHKSUM is only from year update < Copyright (C) 1985-2012 by the Massachusetts Institute of Technology. --- > Copyright (C) 1985-2013 by the Massachusetts Institute of Technology. Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* krb5: add PACKAGECONFIG for openssl and libeditMartin Jansa2013-07-301-0/+4
| | | | | | | * it's autodetected from sysroot * add PACKAGECONFIG to make it deterministic Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* krb5: Fix .debug packaging warning after debug striping was fixedMartin Jansa2013-03-131-1/+2
| | | | Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* krb5: add e2fsprogs dependencyIan Reinhart Geiser2013-02-011-1/+3
| | | | | | | | | | | | Krb5 needs libcom_err from e2fsprogs to be built. It looks like in some cases if e2fsprogs was built before krb5 this would silently pass. * add that e2fsprogs dependency explicitly. * added back the PR and updated its value to r1. Signed-off-by: Ian Reinhart Geiser <igeiser@devonit.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* krb5: reconfigure for aarch64Riku Voipio2013-01-031-1/+2
| | | | | | | krb5 needs reconfigure, since the current config.sub included doesn't include aarch64. Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* krb5: fix path to recipe and upgrade to 1.11Martin Jansa2012-12-181-0/+39
* drop PR * fix FILES_${PN}-doc * fix QA warnings: WARNING: QA Issue: krb5: Files/directories were installed but not shipped /usr/share/gnats /usr/share/gnats/mit and RPATH entries Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-13 01:55:24 +0000