- MITKRB5-SA-2003-005:
Buffer overrun and underrun in principal name handling
- MITKRB5-SA-2003-004:
Cryptographic weaknesses in Kerberos v4 protocol; KDC and realm
compromise possible.
- MITKRB5-SA-2003-003:
Faulty length checks in xdrmem_getbytes may allow kadmind DoS.
- Additional patches from RedHat.
Approved by: kris (wearing his portmgr hat)
Obtained from: MIT Website and Nalin Dahyabhai <nalin@redhat.com>
ENOENT. Obtained from /cvs/krbdev/krb5/src/kdc/kdc_preauth.c,v rev 5.31
in MIT KRB5 tree (fix etype info; wrong termination condition used in
get_etype_info).
Obtained from: Sam Hartman <hartmans@mit.edu>
now makes use of login.conf and login.access. This is performed by
using FreeBSD login(1) instead of MIT KRB5 login.krb5(8).
The MIT KRB5 login.krb5(8) can still be used by specifying "-L" in
the klogind and telnetd arguments in inetd.conf. This is documented
in a new file called README.FreeBSD.
Reviewed by: nectar
<msa@dinosauricon.com> provided the original patches.
= For users outside of the US, point to www.crypto-publish.org for the
distfiles. It was Chris Knight <chris@aims.com.au>'s idea.
Submitted by: Cy.Schubert@uumail.gov.bc.ca (MAINTAINER)
PR: ports/29865
from <paths.h> (if available) like login.krb5 does. As a result,
on FreeBSD 4.2 these two programs end up using different paths
for the nologin file (which is /var/run/nologin on FreeBSD).
Submitted by: <djm@test.pubnix.com>
* Paths corrected in applications
* ftpd now logs to facility LOG_FTP
* use openpty to obtain pseudo-terminal
* corrected detection of TCL libraries
* fix a forwarding bug
* add -m flag to ksu (preserve USER, HOME, SHELL)
* cosmetic bug fix to telnet.c
Submitted by: Dima Ruban <dima@best.net>
