[packages/heimdal] - updated to 7.8.0 (fixes CVE-2019-14870 CVE-2021-3671 CVE-2021-44758 CVE-2022-3437 CVE-2022-41916 C

qboosh qboosh at pld-linux.org
Fri Jun 30 18:06:01 CEST 2023 

commit dd6b7f1f545da43d511d78161a2439a2464757e1
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date:   Fri Jun 30 17:34:34 2023 +0200

    - updated to 7.8.0 (fixes CVE-2019-14870 CVE-2021-3671 CVE-2021-44758 CVE-2022-3437 CVE-2022-41916 CVE-2022-42898 CVE-2022-44640)

 autoconf-2.70.patch        | 29 -----------------------------
 heimdal-am_man_fixes.patch | 11 +++++------
 heimdal-db4.patch          | 12 ++++++------
 heimdal-includedirs.patch  | 22 ----------------------
 heimdal-sbindir.patch      | 11 +++++------
 heimdal.spec               |  9 ++++-----
 6 files changed, 20 insertions(+), 74 deletions(-)
---
diff --git a/heimdal.spec b/heimdal.spec
index 4bcab08..fd85eae 100644
--- a/heimdal.spec
+++ b/heimdal.spec
@@ -8,12 +8,13 @@
 Summary:	Heimdal implementation of Kerberos V5 system
 Summary(pl.UTF-8):	Implementacja Heimdal systemu Kerberos V5
 Name:		heimdal
-Version:	7.7.0
-Release:	4
+Version:	7.8.0
+Release:	1
 License:	Free
 Group:		Networking
+#Source0Download: https://github.com/heimdal/heimdal/releases
 Source0:	https://github.com/heimdal/heimdal/releases/download/heimdal-%{version}/%{name}-%{version}.tar.gz
-# Source0-md5:	82da0bfbe89995c2ecb6cb9c354e06a3
+# Source0-md5:	2389c0ad22f2cc2bbef7b27a090d27b5
 Source1:	%{name}.init
 Source2:	%{name}-kpasswdd.init
 Source3:	%{name}-ipropd.init
@@ -35,7 +36,6 @@ Patch10:	%{name}-ntlm-digest.patch
 Patch11:	%{name}-krb5config-nosysdirs.patch
 Patch12:	%{name}-tinfo.patch
 Patch13:	%{name}-missing-exports.patch
-Patch14:	autoconf-2.70.patch
 URL:		http://www.h5l.org/
 BuildRequires:	autoconf >= 2.62
 BuildRequires:	automake >= 1:1.11
@@ -243,7 +243,6 @@ Kerberosa.
 %patch11 -p1
 %patch12 -p1
 %patch13 -p1
-%patch14 -p1
 
 %build
 install -d our-ld
diff --git a/autoconf-2.70.patch b/autoconf-2.70.patch
deleted file mode 100644
index 0dcc310..0000000
--- a/autoconf-2.70.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 22352b90e78e2d162b98b5ef6c84672c397be40a Mon Sep 17 00:00:00 2001
-From: Lars Wendler <polynomial-c at gentoo.org>
-Date: Wed, 17 Mar 2021 17:49:18 +0100
-Subject: [PATCH] autoconf-2.70 fix
-
-autoconf-2.70 and newer are more strict with quoting etc. and thus generate
-a broken configure file:
-
-  configure: 20855: Syntax error: ")" unexpected (expecting "fi")
-
-Gentoo-bug: https://bugs.gentoo.org/776241
-Signed-off-by: Lars Wendler <polynomial-c at gentoo.org>
----
- cf/check-var.m4 | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/cf/check-var.m4 b/cf/check-var.m4
-index 2fd7bca6f0..71d6f70ca8 100644
---- a/cf/check-var.m4
-+++ b/cf/check-var.m4
-@@ -20,7 +20,7 @@ AC_MSG_RESULT($ac_foo)
- if test "$ac_foo" = yes; then
- 	AC_DEFINE_UNQUOTED(AS_TR_CPP(HAVE_[]$1), 1, 
- 		[Define if you have the `]$1[' variable.])
--	m4_ifval([$2], AC_CHECK_DECLS([$1],[],[],[$2]))
-+	m4_ifval([$2], [AC_CHECK_DECLS([$1],[],[],[$2])])
- fi
- ])
- 
diff --git a/heimdal-am_man_fixes.patch b/heimdal-am_man_fixes.patch
index d529672..5527417 100644
--- a/heimdal-am_man_fixes.patch
+++ b/heimdal-am_man_fixes.patch
@@ -1,8 +1,8 @@
---- heimdal-7.1.0/cf/Makefile.am.common.orig	2017-01-25 20:23:32.137466687 +0100
-+++ heimdal-7.1.0/cf/Makefile.am.common	2017-01-25 20:23:36.384133306 +0100
-@@ -149,99 +149,7 @@
+--- heimdal-7.8.0/cf/Makefile.am.common.orig	2023-06-30 06:05:05.966564794 +0200
++++ heimdal-7.8.0/cf/Makefile.am.common	2023-06-30 06:09:39.754083816 +0200
+@@ -158,98 +158,7 @@ SUFFIXES += .x .z .hx
  .hx.h:
- 	@cmp -s $< $@ 2> /dev/null || cp $< $@
+ 	@cmp -s $< $@ 2> /dev/null || cp $< $@;
  
 -SUFFIXES += .1 .3 .5 .7 .8 .cat1 .cat3 .cat5 .cat7 .cat8
 -
@@ -96,8 +96,7 @@
 -
 -install-data-hook: install-cat-mans
 -uninstall-hook: uninstall-cat-mans
--
 +SUFFIXES += .1 .3 .5 .7 .8
  
+ 
  .et.h:
- 	$(COMPILE_ET) $<
diff --git a/heimdal-db4.patch b/heimdal-db4.patch
index 8e7d33d..1cd75e0 100644
--- a/heimdal-db4.patch
+++ b/heimdal-db4.patch
@@ -1,11 +1,11 @@
---- heimdal-1.7/cf/db.m4~	2016-11-17 07:27:27.000000000 +0200
-+++ heimdal-1.7/cf/db.m4	2016-11-19 00:50:46.306999136 +0200
-@@ -59,7 +59,7 @@
+--- heimdal-7.8.0/cf/db.m4.orig	2023-06-30 06:11:34.734647658 +0200
++++ heimdal-7.8.0/cf/db.m4	2023-06-30 06:17:53.188534060 +0200
+@@ -59,7 +59,7 @@ AS_IF([test "x$with_berkeley_db" != xno]
  
- dnl db_create is used by db3 and db4 and db5
+ dnl db_create is used by db3 and db4 and db5 and db6
  
--  AC_FIND_FUNC_NO_LIBS(db_create, [$dbheader] db-5 db5 db4 db3 db, [
-+  AC_FIND_FUNC_NO_LIBS(db_create, [$dbheader] db-6.2 db-6.1 db-6.0 db-5.3 db-5.2 db-5.1 db-5.0 db-5 db5 db-4.8 db-4.7 db-4.6 db-4.5 db-4.4 db-4.3 db-4.2 db-4.1 db4 db3 db, [
+-  AC_FIND_FUNC_NO_LIBS(db_create, [$dbheader] db-6 db-5 db4 db3 db, [
++  AC_FIND_FUNC_NO_LIBS(db_create, [$dbheader] db-6 db-6.2 db-6.1 db-6.0 db-5 db-5.3 db-5.2 db-5.1 db-5.0 db4 db-4.8 db-4.7 db-4.6 db-4.5 db-4.4 db-4.3 db-4.2 db-4.1 db3 db, [
    #include <stdio.h>
    #ifdef HAVE_DBHEADER
    #include <$dbheader/db.h>
diff --git a/heimdal-includedirs.patch b/heimdal-includedirs.patch
index ff3228d..f906022 100644
--- a/heimdal-includedirs.patch
+++ b/heimdal-includedirs.patch
@@ -21,25 +21,3 @@ index 469176b6c6..195117d174 100644
  
  lib_LTLIBRARIES = libhcrypto.la
  check_LTLIBRARIES = libhctest.la
-From 572a6fd7ac41e9210ef3eb765fe7da4ec8a94bb2 Mon Sep 17 00:00:00 2001
-From: Luke Howard <lukeh at padl.com>
-Date: Mon, 24 Dec 2018 02:21:32 +0000
-Subject: [PATCH] hx509: fix dependency, hxtool requires ASN.1 headers
-
----
- lib/hx509/Makefile.am | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/lib/hx509/Makefile.am b/lib/hx509/Makefile.am
-index b58deb3e37..09643c43a0 100644
---- a/lib/hx509/Makefile.am
-+++ b/lib/hx509/Makefile.am
-@@ -164,7 +164,7 @@ hxtool-commands.c hxtool-commands.h: hxtool-commands.in $(SLC)
- dist_hxtool_SOURCES = hxtool.c
- nodist_hxtool_SOURCES = hxtool-commands.c hxtool-commands.h
- 
--$(hxtool_OBJECTS): hxtool-commands.h hx509_err.h
-+$(hxtool_OBJECTS): hxtool-commands.h $(nodist_include_HEADERS)
- 
- hxtool_LDADD = \
- 	libhx509.la \
diff --git a/heimdal-sbindir.patch b/heimdal-sbindir.patch
index f2c6d3f..ff1c1f2 100644
--- a/heimdal-sbindir.patch
+++ b/heimdal-sbindir.patch
@@ -84,10 +84,9 @@ diff -urNp -x '*.orig' heimdal-7.7.0.org/kuser/Makefile.am heimdal-7.7.0/kuser/M
  
  noinst_PROGRAMS = kverify kdecode_ticket generate-requests
  
-diff -urNp -x '*.orig' heimdal-7.7.0.org/lib/kadm5/Makefile.am heimdal-7.7.0/lib/kadm5/Makefile.am
---- heimdal-7.7.0.org/lib/kadm5/Makefile.am	2019-06-07 08:21:35.000000000 +0200
-+++ heimdal-7.7.0/lib/kadm5/Makefile.am	2021-05-10 00:32:51.412798762 +0200
-@@ -13,7 +13,7 @@ libkadm5clnt_la_LDFLAGS += $(LDFLAGS_VER
+--- heimdal-7.8.0/lib/kadm5/Makefile.am.orig	2022-11-15 18:06:45.000000000 +0100
++++ heimdal-7.8.0/lib/kadm5/Makefile.am	2023-06-30 06:24:43.766564269 +0200
+@@ -14,7 +14,7 @@ libkadm5clnt_la_LDFLAGS += $(LDFLAGS_VER
  libkadm5srv_la_LDFLAGS += $(LDFLAGS_VERSION_SCRIPT)$(srcdir)/version-script.map
  endif
  
@@ -96,12 +95,12 @@ diff -urNp -x '*.orig' heimdal-7.7.0.org/lib/kadm5/Makefile.am heimdal-7.7.0/lib
  check_PROGRAMS = default_keys
  noinst_PROGRAMS = test_pw_quality
  
-@@ -28,8 +28,6 @@ libkadm5srv_la_LIBADD = \
+@@ -29,8 +29,6 @@ libkadm5srv_la_LIBADD = \
  libkadm5clnt_la_LIBADD = \
  	$(LIB_com_err) ../krb5/libkrb5.la $(LIBADD_roken)
  
 -libexec_PROGRAMS = ipropd-master ipropd-slave
 -
  default_keys_SOURCES = default_keys.c
+ default_keys_CPPFLAGS = -I$(srcdir)/../krb5
  
- kadm5includedir = $(includedir)/kadm5
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/heimdal.git/commitdiff/dd6b7f1f545da43d511d78161a2439a2464757e1

More information about the pld-cvs-commit mailing list