mirror of https://git.FreeBSD.org/ports.git synced 2024-10-18 19:49:40 +00:00

security/krb5-*: Address CVE-2022-42898

Topic: Vulnerabilities in PAC parsing

CVE-2022-42898: integer overflow vulnerabilities in PAC parsing

SUMMARY
=======

Three integer overflow vulnerabilities have been discovered in the MIT
krb5 library function krb5_parse_pac().

IMPACT
======

An authenticated attacker may be able to cause a KDC or kadmind
process to crash by reading beyond the bounds of allocated memory,
creating a denial of service.  A privileged attacker may similarly be
able to cause a Kerberos or GSS application service to crash.

On a 32-bit platform, an authenticated attacker may be able to cause
heap corruption in a KDC or kadmind process, possibly leading to
remote code execution.  A privileged attacker may similarly be able to
cause heap corruption in a Kerberos or GSS application service running
on a 32-bit platform.

An attacker with the privileges of a cross-realm KDC may be able to
extract secrets from a KDC process's memory by having them copied into
the PAC of a new ticket.

AFFECTED SOFTWARE
=================

Kerberos and GSS application services using krb5-1.8 or later are
affected.  kadmind in krb5-1.8 or later is affected.  The krb5-1.20
KDC is affected.  The krb5-1.8 through krb5-1.19 KDC is affected when
using the Samba or FreeIPA KDB modules.

REFERENCES
==========

This announcement is posted at:

  https://web.mit.edu/kerberos/advisories/MITKRB5-SA-2022-001.txt

This announcement and related security advisories may be found on the
MIT Kerberos security advisory page at:

        https://web.mit.edu/kerberos/advisories/index.html

The main MIT Kerberos web page is at:

        https://web.mit.edu/kerberos/index.html

CVE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898

MFH:		2022Q4
Security:	CVE-2022-42898
Cy Schubert 2022-11-15 08:27:50 -08:00
parent 5045eaf7fa
commit de40003bfd
4 changed files with 10 additions and 2 deletions

View File

@ -1,5 +1,6 @@
PORTNAME= krb5
PORTVERSION= 1.19.3
PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/
.if !defined(MASTERDIR)
@ -8,6 +9,7 @@ PKGNAMESUFFIX= -119
PATCH_SITES= http://web.mit.edu/kerberos/advisories/
PATCH_DIST_STRIP= -p2
PATCHFILES= 2022-001-patch-r119.txt
MAINTAINER= cy@FreeBSD.org
COMMENT= MIT implementation of RFC 4120 network authentication service
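
Review bot: PATCH_SITES in this hunk fetches the advisory patch over plain http (`PATCH_SITES= http://web.mit.edu/kerberos/advisories/`), while the commit message cites the same advisory directory over https. The distinfo checksum will catch a modified download, but switching the URL to https://web.mit.edu/kerberos/advisories/ removes the reliance on that single check and matches the reference in the log. The MASTER_SITES line in the first hunk uses the same http scheme and could be changed at the same time.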

View File

@ -1,3 +1,5 @@
TIMESTAMP = 1647101273
TIMESTAMP = 1668529517
SHA256 (krb5-1.19.3.tar.gz) = 56d04863cfddc9d9eb7af17556e043e3537d41c6e545610778676cf551b9dcd0
SIZE (krb5-1.19.3.tar.gz) = 8741343
SHA256 (2022-001-patch-r119.txt) = e6e50807528cdda07fe8d946b0b417403168ff1e442ed4dbf099f20262c25867
SIZE (2022-001-patch-r119.txt) = 3536
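
Review bot: the new distfile is recorded as `SHA256 (2022-001-patch-r119.txt)` with no subdirectory, so a file whose name carries no project name lands in the shared distfiles directory next to krb5-1.19.3.tar.gz. Consider setting DIST_SUBDIR (which would also move the tarball entry) so the patch cannot collide with another port's distfile. Since this hash is what pins a security patch, it is also worth stating in the log that it was computed from a copy fetched from the advisory location given in the commit message.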

View File

@ -1,5 +1,6 @@
PORTNAME= krb5
PORTVERSION= 1.20
PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= http://web.mit.edu/kerberos/dist/${PORTNAME}/${PORTVERSION:C/^[0-9]*\.[0-9]*/&X/:C/X\.[0-9]*$//:C/X//}/
.if !defined(MASTERDIR)
@ -8,6 +9,7 @@ PKGNAMESUFFIX= -120
PATCH_SITES= http://web.mit.edu/kerberos/advisories/
PATCH_DIST_STRIP= -p2
PATCHFILES= 2022-001-patch-r120.txt
MAINTAINER= cy@FreeBSD.org
COMMENT= MIT implementation of RFC 4120 network authentication service
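
Review bot: the PATCHFILES line here carries no comment saying when it can be removed. `PATCHFILES= 2022-001-patch-r120.txt` and the PORTREVISION bump in the previous hunk are both tied to PORTVERSION 1.20; a one-line comment noting that the patch should be dropped and PORTREVISION reset at the next version update would keep a later update from trying to apply it to a release that already contains the fix.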

View File

@ -1,3 +1,5 @@
TIMESTAMP = 1653608400
TIMESTAMP = 1668529430
SHA256 (krb5-1.20.tar.gz) = 7e022bdd3c851830173f9faaa006a230a0e0fdad4c953e85bff4bf0da036e12f
SIZE (krb5-1.20.tar.gz) = 8660756
SHA256 (2022-001-patch-r120.txt) = 7e4589910db665142ba04b45eb8f64d0a3dd30e67c0010e449048600ece0bcc9
SIZE (2022-001-patch-r120.txt) = 3539