From 78c3ea61b29ed527e4854f2f03ca0614888f5dd1 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Mon, 26 Sep 2016 14:37:20 +0100 Subject: [PATCH 1/2] openssl: Update to 1.0.2j Missing CRL sanity check (CVE-2016-7052) ======================================== Severity: Moderate This issue only affects OpenSSL 1.0.2i, released on 22nd September 2016. A bug fix which included a CRL sanity check was added to OpenSSL 1.1.0 but was omitted from OpenSSL 1.0.2i. As a result any attempt to use CRLs in OpenSSL 1.0.2i will crash with a null pointer exception. OpenSSL 1.0.2i users should upgrade to 1.0.2j The issue was reported to OpenSSL on 22nd September 2016 by Bruce Stephens and Thomas Jakobi. The fix was developed by Matt Caswell of the OpenSSL development team. https://www.openssl.org/news/secadv/20160926.txt Signed-off-by: Michael Tremer --- lfs/openssl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lfs/openssl b/lfs/openssl index d0ed4d30b..0405a77f8 100644 --- a/lfs/openssl +++ b/lfs/openssl @@ -24,7 +24,7 @@ include Config -VER = 1.0.2i +VER = 1.0.2j THISAPP = openssl-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -87,7 +87,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 678374e63f8df456a697d3e5e5a931fb +$(DL_FILE)_MD5 = 96322138f0b69e61b7212bc53d5e912b install : $(TARGET) From 4141e0aad1652d85daef1bafee85d155f8eb9129 Mon Sep 17 00:00:00 2001 From: Jonatan Schlag Date: Sun, 25 Sep 2016 18:50:03 +0200 Subject: [PATCH 2/2] Update krb5 to 1.14.4 This commit updates krb5 to version 1.14.4 The patch is removed, because he is upstream since 1.12.2. The samba version is incremented, to link samba against the new krb5 version. Otherwise samba for example is linked against /usr/lib/libkdb5.so.7 but the current version is /usr/lib/libkdb5.so.8 Signed-off-by: Jonatan Schlag Signed-off-by: Michael Tremer --- config/rootfiles/packages/krb5 | 20 +-- lfs/krb5 | 7 +- lfs/samba | 2 +- src/patches/mitkrb-1.12.1-db2_fix-1.patch | 175 ---------------------- 4 files changed, 15 insertions(+), 189 deletions(-) delete mode 100644 src/patches/mitkrb-1.12.1-db2_fix-1.patch diff --git a/config/rootfiles/packages/krb5 b/config/rootfiles/packages/krb5 index e1e7d64f1..d73f22bba 100644 --- a/config/rootfiles/packages/krb5 +++ b/config/rootfiles/packages/krb5 @@ -68,6 +68,9 @@ usr/lib/krb5/plugins/libkrb5 usr/lib/krb5/plugins/preauth usr/lib/krb5/plugins/preauth/otp.so usr/lib/krb5/plugins/preauth/pkinit.so +usr/lib/krb5/plugins/preauth/test.so +usr/lib/krb5/plugins/tls +usr/lib/krb5/plugins/tls/k5tls.so #usr/lib/libgssapi_krb5.so usr/lib/libgssapi_krb5.so.2 usr/lib/libgssapi_krb5.so.2.2 @@ -79,15 +82,15 @@ usr/lib/libk5crypto.so.3 usr/lib/libk5crypto.so.3.1 #usr/lib/libkadm5clnt.so #usr/lib/libkadm5clnt_mit.so -usr/lib/libkadm5clnt_mit.so.9 -usr/lib/libkadm5clnt_mit.so.9.0 +usr/lib/libkadm5clnt_mit.so.10 +usr/lib/libkadm5clnt_mit.so.10.0 #usr/lib/libkadm5srv.so #usr/lib/libkadm5srv_mit.so -usr/lib/libkadm5srv_mit.so.9 -usr/lib/libkadm5srv_mit.so.9.0 +usr/lib/libkadm5srv_mit.so.10 +usr/lib/libkadm5srv_mit.so.10.0 #usr/lib/libkdb5.so -usr/lib/libkdb5.so.7 -usr/lib/libkdb5.so.7.0 +usr/lib/libkdb5.so.8 +usr/lib/libkdb5.so.8.0 #usr/lib/libkrad.so usr/lib/libkrad.so.0 usr/lib/libkrad.so.0.0 @@ -125,8 +128,6 @@ usr/lib/libverto.so.0.0 #usr/share/examples/krb5/kdc.conf #usr/share/examples/krb5/krb5.conf #usr/share/examples/krb5/services.append -#usr/share/gnats -#usr/share/gnats/mit #usr/share/locale/en_US #usr/share/locale/en_US/LC_MESSAGES #usr/share/locale/en_US/LC_MESSAGES/mit-krb5.mo @@ -140,7 +141,6 @@ usr/lib/libverto.so.0.0 #usr/share/man/man1/klist.1 #usr/share/man/man1/kpasswd.1 #usr/share/man/man1/krb5-config.1 -#usr/share/man/man1/krb5-send-pr.1 #usr/share/man/man1/ksu.1 #usr/share/man/man1/kswitch.1 #usr/share/man/man1/ktutil.1 @@ -163,3 +163,5 @@ usr/lib/libverto.so.0.0 #usr/share/man/man8/krb5kdc.8 #usr/share/man/man8/sserver.8 var/lib/krb5kdc +var/lib/run +var/lib/run/krb5kdc diff --git a/lfs/krb5 b/lfs/krb5 index 301198239..7e346920a 100644 --- a/lfs/krb5 +++ b/lfs/krb5 @@ -24,7 +24,7 @@ include Config -VER = 1.12.1 +VER = 1.14.4 THISAPP = krb5-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP)/src TARGET = $(DIR_INFO)/$(THISAPP) PROG = krb5 -PAK_VER = 1 +PAK_VER = 2 DEPS = "" @@ -44,7 +44,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 4a631b3474d3e44773f1ecda96f04400 +$(DL_FILE)_MD5 = ba90f5701fc2dda76133c1f34ba4ee80 install : $(TARGET) @@ -77,7 +77,6 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_SRC)/$(THISAPP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np2 < $(DIR_SRC)/src/patches/mitkrb-1.12.1-db2_fix-1.patch cd $(DIR_APP) && sed -e "s@python2.5/Python.h@& python2.7/Python.h@g" \ -e "s@-lpython2.5]@&,\n AC_CHECK_LIB(python2.7,main,[PYTHON_LIB=-lpython2.7])@g" \ diff --git a/lfs/samba b/lfs/samba index 369f48633..74a1b769e 100644 --- a/lfs/samba +++ b/lfs/samba @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = samba -PAK_VER = 63 +PAK_VER = 64 DEPS = "cups krb5" diff --git a/src/patches/mitkrb-1.12.1-db2_fix-1.patch b/src/patches/mitkrb-1.12.1-db2_fix-1.patch deleted file mode 100644 index f27304c38..000000000 --- a/src/patches/mitkrb-1.12.1-db2_fix-1.patch +++ /dev/null @@ -1,175 +0,0 @@ -Submitted By: Pierre Labastie -Date: 2014-03-04 -Initial Package Version: 1.12.1 -Upstream Status: In upstream GIT -Origin: Upstream -Description: Fixes http://krbdev.mit.edu/rt/Ticket/Display.html?id=7860 - ---- a/src/plugins/kdb/db2/libdb2/mpool/mpool.c -+++ b/src/plugins/kdb/db2/libdb2/mpool/mpool.c -@@ -81,9 +81,9 @@ mpool_open(key, fd, pagesize, maxcache) - /* Allocate and initialize the MPOOL cookie. */ - if ((mp = (MPOOL *)calloc(1, sizeof(MPOOL))) == NULL) - return (NULL); -- CIRCLEQ_INIT(&mp->lqh); -+ TAILQ_INIT(&mp->lqh); - for (entry = 0; entry < HASHSIZE; ++entry) -- CIRCLEQ_INIT(&mp->hqh[entry]); -+ TAILQ_INIT(&mp->hqh[entry]); - mp->maxcache = maxcache; - mp->npages = sb.st_size / pagesize; - mp->pagesize = pagesize; -@@ -143,8 +143,8 @@ mpool_new(mp, pgnoaddr, flags) - bp->flags = MPOOL_PINNED | MPOOL_INUSE; - - head = &mp->hqh[HASHKEY(bp->pgno)]; -- CIRCLEQ_INSERT_HEAD(head, bp, hq); -- CIRCLEQ_INSERT_TAIL(&mp->lqh, bp, q); -+ TAILQ_INSERT_HEAD(head, bp, hq); -+ TAILQ_INSERT_TAIL(&mp->lqh, bp, q); - return (bp->page); - } - -@@ -168,8 +168,8 @@ mpool_delete(mp, page) - - /* Remove from the hash and lru queues. */ - head = &mp->hqh[HASHKEY(bp->pgno)]; -- CIRCLEQ_REMOVE(head, bp, hq); -- CIRCLEQ_REMOVE(&mp->lqh, bp, q); -+ TAILQ_REMOVE(head, bp, hq); -+ TAILQ_REMOVE(&mp->lqh, bp, q); - - free(bp); - return (RET_SUCCESS); -@@ -208,10 +208,10 @@ mpool_get(mp, pgno, flags) - * of the lru chain. - */ - head = &mp->hqh[HASHKEY(bp->pgno)]; -- CIRCLEQ_REMOVE(head, bp, hq); -- CIRCLEQ_INSERT_HEAD(head, bp, hq); -- CIRCLEQ_REMOVE(&mp->lqh, bp, q); -- CIRCLEQ_INSERT_TAIL(&mp->lqh, bp, q); -+ TAILQ_REMOVE(head, bp, hq); -+ TAILQ_INSERT_HEAD(head, bp, hq); -+ TAILQ_REMOVE(&mp->lqh, bp, q); -+ TAILQ_INSERT_TAIL(&mp->lqh, bp, q); - - /* Return a pinned page. */ - bp->flags |= MPOOL_PINNED; -@@ -261,8 +261,8 @@ mpool_get(mp, pgno, flags) - * of the lru chain. - */ - head = &mp->hqh[HASHKEY(bp->pgno)]; -- CIRCLEQ_INSERT_HEAD(head, bp, hq); -- CIRCLEQ_INSERT_TAIL(&mp->lqh, bp, q); -+ TAILQ_INSERT_HEAD(head, bp, hq); -+ TAILQ_INSERT_TAIL(&mp->lqh, bp, q); - - /* Run through the user's filter. */ - if (mp->pgin != NULL) -@@ -311,8 +311,8 @@ mpool_close(mp) - BKT *bp; - - /* Free up any space allocated to the lru pages. */ -- while ((bp = mp->lqh.cqh_first) != (void *)&mp->lqh) { -- CIRCLEQ_REMOVE(&mp->lqh, mp->lqh.cqh_first, q); -+ while ((bp = mp->lqh.tqh_first) != NULL) { -+ TAILQ_REMOVE(&mp->lqh, mp->lqh.tqh_first, q); - free(bp); - } - -@@ -332,8 +332,7 @@ mpool_sync(mp) - BKT *bp; - - /* Walk the lru chain, flushing any dirty pages to disk. */ -- for (bp = mp->lqh.cqh_first; -- bp != (void *)&mp->lqh; bp = bp->q.cqe_next) -+ for (bp = mp->lqh.tqh_first; bp != NULL; bp = bp->q.tqe_next) - if (bp->flags & MPOOL_DIRTY && - mpool_write(mp, bp) == RET_ERROR) - return (RET_ERROR); -@@ -363,8 +362,7 @@ mpool_bkt(mp) - * off any lists. If we don't find anything we grow the cache anyway. - * The cache never shrinks. - */ -- for (bp = mp->lqh.cqh_first; -- bp != (void *)&mp->lqh; bp = bp->q.cqe_next) -+ for (bp = mp->lqh.tqh_first; bp != NULL; bp = bp->q.tqe_next) - if (!(bp->flags & MPOOL_PINNED)) { - /* Flush if dirty. */ - if (bp->flags & MPOOL_DIRTY && -@@ -375,8 +373,8 @@ mpool_bkt(mp) - #endif - /* Remove from the hash and lru queues. */ - head = &mp->hqh[HASHKEY(bp->pgno)]; -- CIRCLEQ_REMOVE(head, bp, hq); -- CIRCLEQ_REMOVE(&mp->lqh, bp, q); -+ TAILQ_REMOVE(head, bp, hq); -+ TAILQ_REMOVE(&mp->lqh, bp, q); - #if defined(DEBUG) && !defined(DEBUG_IDX0SPLIT) - { void *spage; - spage = bp->page; -@@ -450,7 +448,7 @@ mpool_look(mp, pgno) - BKT *bp; - - head = &mp->hqh[HASHKEY(pgno)]; -- for (bp = head->cqh_first; bp != (void *)head; bp = bp->hq.cqe_next) -+ for (bp = head->tqh_first; bp != NULL; bp = bp->hq.tqe_next) - if ((bp->pgno == pgno) && (bp->flags & MPOOL_INUSE)) { - #ifdef STATISTICS - ++mp->cachehit; -@@ -494,8 +492,7 @@ mpool_stat(mp) - - sep = ""; - cnt = 0; -- for (bp = mp->lqh.cqh_first; -- bp != (void *)&mp->lqh; bp = bp->q.cqe_next) { -+ for (bp = mp->lqh.tqh_first; bp != NULL; bp = bp->q.tqe_next) { - (void)fprintf(stderr, "%s%d", sep, bp->pgno); - if (bp->flags & MPOOL_DIRTY) - (void)fprintf(stderr, "d"); - ---- a/src/plugins/kdb/db2/libdb2/mpool/mpool.h -+++ b/src/plugins/kdb/db2/libdb2/mpool/mpool.h -@@ -47,8 +47,8 @@ - - /* The BKT structures are the elements of the queues. */ - typedef struct _bkt { -- CIRCLEQ_ENTRY(_bkt) hq; /* hash queue */ -- CIRCLEQ_ENTRY(_bkt) q; /* lru queue */ -+ TAILQ_ENTRY(_bkt) hq; /* hash queue */ -+ TAILQ_ENTRY(_bkt) q; /* lru queue */ - void *page; /* page */ - db_pgno_t pgno; /* page number */ - -@@ -59,9 +59,9 @@ typedef struct _bkt { - } BKT; - - typedef struct MPOOL { -- CIRCLEQ_HEAD(_lqh, _bkt) lqh; /* lru queue head */ -+ TAILQ_HEAD(_lqh, _bkt) lqh; /* lru queue head */ - /* hash queue array */ -- CIRCLEQ_HEAD(_hqh, _bkt) hqh[HASHSIZE]; -+ TAILQ_HEAD(_hqh, _bkt) hqh[HASHSIZE]; - db_pgno_t curcache; /* current number of cached pages */ - db_pgno_t maxcache; /* max number of cached pages */ - db_pgno_t npages; /* number of pages in the file */ - ---- a/src/plugins/kdb/db2/libdb2/test/run.test -+++ b/src/plugins/kdb/db2/libdb2/test/run.test -@@ -71,10 +71,11 @@ main() - } - - getnwords() { -- # Delete blank lines because the db code appears not to -- # like empty keys. On Debian Linux, $DICT appears to contain -- # some non-ASCII characters, and "rev" chokes on them. -- sed -e '/^$/d' < $DICT | cat -v | sed -e ${1}q -+ # Delete blank lines because the db code appears not to like -+ # empty keys. Omit lines with non-alphanumeric characters to -+ # avoid shell metacharacters and non-ASCII characters which -+ # could cause 'rev' to choke. -+ LC_ALL=C sed -e '/^$/d' -e '/[^A-Za-z]/d' < $DICT | sed -e ${1}q - } - - # Take the first hundred entries in the dictionary, and make them