notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
Port details
krb5 MIT implementation of RFC 4120 network authentication service
1.21.3 security on this many watch lists=39 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 1.21.2_3Version of this port present on the latest quarterly branch.
Maintainer: cy@FreeBSD.org search for ports maintained by this maintainer
Port Added: unknown
Last Update: 2024-02-13 18:47:53
Commit Hash: 9926898
People watching this port, also watch:: libiconv, freetype2, wget, unzip, libxml2
License: MIT
WWW:
https://web.mit.edu/kerberos/
Description:
Kerberos V5 is an authentication system developed at MIT. Abridged from the User Guide: Under Kerberos, a client sends a request for a ticket to the Key Distribution Center (KDC). The KDC creates a ticket-granting ticket (TGT) for the client, encrypts it using the client's password as the key, and sends the encrypted TGT back to the client. The client then attempts to decrypt the TGT, using its password. If the client successfully decrypts the TGT, it keeps the decrypted TGT, which indicates proof of the client's identity. The TGT permits the client to obtain additional tickets, which give permission for specific services. Since Kerberos negotiates authenticated, and optionally encrypted, communications between two points anywhere on the internet, it provides a layer of security that is not dependent on which side of a firewall either client is on. The Kerberos V5 package is designed to be easy to use. Most of the commands are nearly identical to UNIX network programs you are already used to. Kerberos V5 is a single-sign-on system, which means that you have to type your password only once per session, and Kerberos does the authenticating and encrypting transparently. Jacques Vidrine <n@nectar.com>
Homepage    cgit ¦ Codeberg ¦ GitHub ¦ GitLab ¦ SVNWeb - no subversion history for this port

Manual pages:
FreshPorts has no man page information for this port.
pkg-plist: as obtained via: make generate-plist
There is no configure plist information for this port.
Dependency lines:
  • krb5>0:security/krb5
Conflicts:
CONFLICTS:
  • heimdal
  • krb5
  • krb5-11*
  • krb5-120
CONFLICTS_BUILD:
  • boringssl
To install the port:
cd /usr/ports/security/krb5/ && make install clean
To add the package, run one of these commands:
  • pkg install security/krb5
  • pkg install krb5
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: krb5
Package flavors (<flavor>: <package>)
  • default: krb5
  • ldap: krb5-ldap
distinfo:
TIMESTAMP = 1719504353 SHA256 (krb5-1.21.3.tar.gz) = b7a4cd5ead67fb08b980b21abd150ff7217e85ea320c9ed0c6dadd304840ad35 SIZE (krb5-1.21.3.tar.gz) = 9136145

Packages (timestamps in pop-ups are UTC):
krb5
ABIaarch64amd64armv6armv7i386powerpcpowerpc64powerpc64le
FreeBSD:13:latest1.21.31.21.31.18.31.21.31.21.3-1.18.3-
FreeBSD:13:quarterly1.21.31.21.31.21.21.21.31.21.31.21.21.21.21.21.2
FreeBSD:14:latest1.21.31.21.31.20.11.21.31.21.31.21-1.21
FreeBSD:14:quarterly1.21.31.21.3-1.21.31.21.31.21.21.21.21.21.2
FreeBSD:15:latest1.21.31.21.3n/a1.21.3n/a1.21.2_31.21.2_31.21.2_3
 

krb5-ldap
ABIaarch64amd64armv6armv7i386powerpcpowerpc64powerpc64le
FreeBSD:13:latest1.21.31.21.3-1.21.31.21.3---
FreeBSD:13:quarterly1.21.31.21.3-1.21.31.21.3---
FreeBSD:14:latest1.21.31.21.3-1.21.31.21.3---
FreeBSD:14:quarterly1.21.31.21.3-1.21.31.21.3---
FreeBSD:15:latest1.21.31.21.3n/a1.21.3n/a--1.21.2_3
 

Master port: security/krb5-121
Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Build dependencies:
  1. gmake>=4.4.1 : devel/gmake
  2. gettext-runtime>=0.22_1 : devel/gettext-runtime
  3. libtool : devel/libtool
  4. pkgconf>=1.3.0_1 : devel/pkgconf
  5. msgfmt : devel/gettext-tools
  6. autoconf>=2.72 : devel/autoconf
  7. automake>=1.16.5 : devel/automake
  8. perl5>=5.36<5.37 : lang/perl5.36
Library dependencies:
  1. libintl.so : devel/gettext-runtime
  2. libreadline.so.8 : devel/readline
This port is required by:
for Build
  1. databases/mongosh
  2. databases/xrootd
  3. deskutils/gnome-initial-setup
  4. lang/dotnet
  5. lang/dotnet8
  6. net/freeipa-client
  7. net-mgmt/adcli
Expand this list (15 items / 8 hidden - sorry, this count includes any deleted ports)
  1. Collapse this list).
  2. net-mgmt/realmd
  3. security/pam_krb5
  4. security/rubygem-timfel-krb5
  5. security/sssd
  6. security/sssd2
  7. www/mod_auth_gssapi
  8. Collapse this list.

Deleted ports which required this port:

Expand this list of 2 deleted ports
  1. security/krb5-appl*
  2. security/sssd-devel*
  3. Collapse this list of deleted ports.
for Libraries
  1. databases/sqlrelay
  2. devel/rudiments
  3. editors/vscode
  4. security/pecl-krb5
  5. www/litmus

Deleted ports which required this port:

Expand this list of 2 deleted ports
  1. security/sssd-devel*
  2. sysutils/condor*
  3. Collapse this list of deleted ports.
for Run
  1. databases/xrootd
  2. deskutils/gnome-initial-setup
  3. lang/dotnet
  4. lang/dotnet8
  5. multimedia/emby-server
  6. multimedia/jellyfin
  7. net/freeipa-client
Expand this list (22 items / 15 hidden - sorry, this count includes any deleted ports)
  1. Collapse this list).
  2. net-mgmt/adcli
  3. net-mgmt/realmd
  4. net-p2p/lidarr
  5. net-p2p/prowlarr
  6. net-p2p/radarr
  7. net-p2p/readarr
  8. net-p2p/sonarr
  9. security/pam_krb5
  10. security/rubygem-timfel-krb5
  11. security/sssd
  12. security/sssd2
  13. www/mod_auth_gssapi
  14. Collapse this list.

Deleted ports which required this port:

Expand this list of 3 deleted ports
  1. multimedia/emby-server-devel*
  2. net-p2p/sonarr-devel*
  3. security/krb5-appl*
  4. Collapse this list of deleted ports.
* - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...

Configuration Options:
===> The following configuration options are available for krb5-1.21.3: DNS_FOR_REALM=off: Enable DNS lookups for Kerberos realm names EXAMPLES=on: Build and/or install examples KRB5_HTML=on: Install krb5 HTML documentation KRB5_PDF=on: Install krb5 PDF documentation LDAP=off: LDAP protocol support LMDB=off: OpenLDAP Lightning Memory-Mapped Database support NLS=on: Native Language Support ====> Command line editing for kadmin and ktutil: you can only select none or one of them READLINE=on: Command line editing via libreadline LIBEDIT=off: Command line editing via libedit LIBEDIT_BASE=off: Use libedit in FreeBSD base ===> Use 'make config' to modify these settings
Options name:
security_krb5
USES:
autoreconf compiler:c++11-lang cpe gmake gettext-runtime gssapi:bootstrap,mit libtool:build localbase perl5 pkgconfig ssl gettext readline
FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. http://web.mit.edu/kerberos/dist/krb5/1.21/
Collapse this list.
Port Moves
  • port moved here from security/krb5-118 on 2023-06-25
    REASON: Has expired: EOL one year after the release of krb5 1.19

  • port moved here from security/krb5-117 on 2022-02-01
    REASON: Has expired: EOL one year after the release of krb5 1.19

Number of commits found: 221 (showing only 100 on this page)

1 | 2 | 3  »  

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
This is a slave port. You may also want to view the commits to the master port: security/krb5-121
CommitCreditsLog message
1.21.2_3
13 Feb 2024 18:47:53
commit hash: 9926898a0c052d79aaa08708e3249fc39e633174commit hash: 9926898a0c052d79aaa08708e3249fc39e633174commit hash: 9926898a0c052d79aaa08708e3249fc39e633174commit hash: 9926898a0c052d79aaa08708e3249fc39e633174 files touched by this commit
Cy Schubert (cy) search for other commits by this committer
security/krb5*: Flavorize with default and ldap flavors

This provides a binary package to users who require MIT KRB5 with LDAP
support. This patch does not change the current, now default, package
name.

PR:		277015
1.21
06 Jun 2023 18:35:41
commit hash: 7228a09df016e36601314a600c05b1b1a58f7fa7commit hash: 7228a09df016e36601314a600c05b1b1a58f7fa7commit hash: 7228a09df016e36601314a600c05b1b1a58f7fa7commit hash: 7228a09df016e36601314a600c05b1b1a58f7fa7 files touched by this commit This port version is marked as vulnerable.
Cy Schubert (cy) search for other commits by this committer
security/krb5: krb5-121 is now default

krb5-121 is the default krb5 package. While at it remove krb5-119
from the "supported" list.
1.20
27 May 2022 13:45:07
commit hash: d33c01d9cc1864a2be757fb99caa63223cfe5519commit hash: d33c01d9cc1864a2be757fb99caa63223cfe5519commit hash: d33c01d9cc1864a2be757fb99caa63223cfe5519commit hash: d33c01d9cc1864a2be757fb99caa63223cfe5519 files touched by this commit This port version is marked as vulnerable.
Cy Schubert (cy) search for other commits by this committer
security/krb5-120: Welcome new krb5 1.20

Welcome the new krb5-120 (1.20) from MIT.

krb5-118 is now deprecated and scheduled for removal a year from
now.
1.19.3
27 May 2022 13:45:06
commit hash: 94d5d2c81e421acbadb1f21bec546fb023ce4d6ccommit hash: 94d5d2c81e421acbadb1f21bec546fb023ce4d6ccommit hash: 94d5d2c81e421acbadb1f21bec546fb023ce4d6ccommit hash: 94d5d2c81e421acbadb1f21bec546fb023ce4d6c files touched by this commit This port version is marked as vulnerable.
Cy Schubert (cy) search for other commits by this committer
security/krb5: Remove expirred krb5 version

This makefile was not updated when krb5-117 was removed.

Fixes:		e2dd87ef868d82a7b51410eedd638c76340c88fa
1.19.1
16 Apr 2021 17:06:28
commit hash: 11964e74b9165c24b41ac8e6960f727d36ac4241commit hash: 11964e74b9165c24b41ac8e6960f727d36ac4241commit hash: 11964e74b9165c24b41ac8e6960f727d36ac4241commit hash: 11964e74b9165c24b41ac8e6960f727d36ac4241 files touched by this commit This port version is marked as vulnerable.
Fernando Apesteguía (fernape) search for other commits by this committer
security/sssd: Fix package with SMB=on

While here, add comment in security/krb5 to remember the obscure dependency in
security/sssd so it does not break again.

PR:	244778
Reported by:	tommyhp2@gmail.com
Tested by:	tommyhp2@gmail.com
MFH:		2021Q2 (build fix)
1.19.1
07 Apr 2021 08:09:01
commit hash: cf118ccf875508b9a1c570044c93cfcc82bd455ccommit hash: cf118ccf875508b9a1c570044c93cfcc82bd455ccommit hash: cf118ccf875508b9a1c570044c93cfcc82bd455ccommit hash: cf118ccf875508b9a1c570044c93cfcc82bd455c files touched by this commit This port version is marked as vulnerable.
Mathieu Arnold (mat) search for other commits by this committer
One more small cleanup, forgotten yesterday.
Reported by:	lwhsu
1.19.1
06 Apr 2021 14:31:07
commit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344ebcommit hash: 305f148f482daf30dcf728039d03d019f88344eb files touched by this commit This port version is marked as vulnerable.
Mathieu Arnold (mat) search for other commits by this committer
Remove # $FreeBSD$ from Makefiles.
1.19.1
07 Mar 2021 11:00:46
Revision:567561Original commit files touched by this commit This port version is marked as vulnerable.
rene search for other commits by this committer
security/krb5: Remove option for non-existant krb5-116
1.19
02 Feb 2021 05:01:03
Revision:563782Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Welcome the new KRB5 1.19 (krb5-119)

In addition, deprecate krb5-117 to retire one year after the release
of krb5-119: Feb 1, 2022.

krb5-119 becomes the default krb5 port.
1.18
19 Feb 2020 02:42:55
Revision:526479Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Welcome the new KRB5 1.18 (krb5-118)

In addition, deprecate krb5-116 to retire one year after the release
of krb5-118: Feb 12, 2021.

Major changes in 1.18 (2020-02-12)
==================================

Administrator experience:

* Remove support for single-DES encryption types.

* Change the replay cache format to be more efficient and robust.
  Replay cache filenames using the new format end with ".rcache2" by
  default.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
1.17.1
31 Jan 2020 14:11:18
Revision:524712Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
krb5-115 is now history.
1.17
08 Jan 2019 20:29:34
Revision:489737Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Welcome the new KRB5 1.17 (krb5-117).

Major changes in 1.17 (2019-01-08)
==================================

Administrator experience:

* A new Kerberos database module using the Lightning Memory-Mapped
  Database library (LMDB) has been added.  The LMDB KDB module should
  be more performant and more robust than the DB2 module, and may
  become the default module for new databases in a future release.

* "kdb5_util dump" will no longer dump policy entries when specific
  principal names are requested.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
1.16.2
31 Dec 2018 20:26:38
Revision:488834Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Now that krb5-114 is gone, remove the option too.
1.16_1
26 Feb 2018 20:16:12
Revision:463045Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Make krb5-116 default.
1.15.2
06 Dec 2017 04:18:14
Revision:455634Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Welcome the new security/krb5-116 port. This port follows MIT's
KRB5 1.16 releases.

Major changes in 1.16 (2017-12-05)
==================================

Administrator experience:

* The KDC can match PKINIT client certificates against the
  "pkinit_cert_match" string attribute on the client principal entry,
  using the same syntax as the existing "pkinit_cert_match" profile
  option.

* The ktutil addent command supports the "-k 0" option to ignore the
  key version, and the "-s" option to use a non-default salt string.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
1.15.2
05 Dec 2017 08:01:28
Revision:455567Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Follow up on r455423.

Pointy hat to:	rene
1.15.1
04 Mar 2017 00:14:38
Revision:435379Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Now that krb5 1.15.1 is GA, make krb5-115 default.
1.14.4
03 Dec 2016 05:26:30
Revision:427589Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Remove expired krb5-112. It was mistakenly "re-added" by r427588.
1.14.4
03 Dec 2016 00:54:23
Revision:427588Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Welcome the new security/krb5-115 port. This port follows MIT's
KRB5 1.15 releases.

To support this new ports:

- The security/krb5 port includes an option to use this port instead
  of krb5-114 as its base. krb5-114 will remain the default until the
  next release of KRB5 1.15 (if it's stable of course).

- MIT by default deprecates KRB5 two versions back from the current
  release. krb5-113 has been deprecated and will expire one year from
  now.
1.14
15 Dec 2015 05:02:21
Revision:403760Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
This is the second part of two commits, the first being r403749.

Adopt the same port structure as used by the cfengine family of ports:

security/krb5 is renamed to security/krb5-114.

A brand new security/krb5 now becomes a master port for the family of
security/krb5-* ports. The default installs krb5-1.14. There is no
functional change to the port build nor does the name of the latest krb5
port and package change. Users can continue to install security/krb5
to track the latest major version of security/krb5.

Users wishing to install a specific version branch of krb5 can continue
to install any of the security/krb5-* ports or by setting KRB5_VERSION
in make.conf make.conf or including the branch on the make command line
during build:

	make KRB5_VERSIN=NNN

make -V VERSIONS lists available versions.

security/krb5-appl has been updated to support this change (also fixing
a typo in the krb5-appl/Makefile).

Inspired by:            sysutils/cfengine
1.14
15 Dec 2015 04:57:49
Revision:403759Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Move security/krb5 to security/krb5-114 in preparation for restructuring
of the krb5 faimily of ports.

Inspired by:	the cfengine family of ports
1.14
21 Nov 2015 08:47:13
Revision:402143Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Introduce the new krb5 1.14:

- move (copy) krb5 (krb5 1.13.2) to krb5-113 (new, added)
- update krb5 1.13.2 --> 1.14
- update CONFLICTS in krb5, krb5-112 and krb5-113.
- update krb5-appl to allow optional dependency on krb5-113.
- update security/Makefile with copied krb5-113.
- deprecate and expire krb5-112 (krb5-1.12) on November 20, 2016, as it
  will EOL twelve months after the release of krb5-1.14.
1.13.2_5
21 Oct 2015 06:59:10
Revision:399891Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Add sonames and minor versioned library names.

PR:             203882
1.13.2_4
19 Oct 2015 07:29:08
Revision:399634Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Bump PORTREVISION.
1.13.2_3
19 Oct 2015 07:13:33
Revision:399631Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Fix READLINE option.
Add support for libedit (LIBEDIT option).
Both command line editing options now supported by RADIO button.
1.13.2_3
31 Aug 2015 13:01:53
Revision:395671Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Remove configuration argument used during testing.
1.13.2_3
31 Aug 2015 07:18:23
Revision:395651Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Fix build under 11-CURRENT. r378417 introduced a libreadline link
workaround due to libtool not working with 11-CURRENT at the time.
The workaround now causes grief under 11-CURRENT and needs to be
removed.

PR:		202782
1.13.2_2
06 Jun 2015 20:27:21
Revision:388684Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
MIT KRB5 ports build unusable binaries due to incorrect linking
when build under poudriere. This commit fixes that.
1.13.2_1
10 May 2015 15:16:08
Revision:385961Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Fix armv5 build.

PR:		200100
Submitted by:	mikael.urankar@gmail.com
1.13.2
09 May 2015 13:12:59
Revision:385889Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update 1.13.1 --> 1.13.2
1.13.1_1
20 Apr 2015 19:06:30
Revision:384380Original commit files touched by this commit This port version is marked as vulnerable.
tijl search for other commits by this committer
- Display a stage-qa warning when ports use PREFIX/var instead of /var
- Add --localstatedir=/var to _LATE_CONFIGURE_ARGS (like --mandir) but not
  when CONFIGURE_ARGS already sets it.  (GNU configure scripts set it to
  PREFIX/var when PREFIX != /usr.)
- Add --localstatedir="${PREFIX}/var" to CONFIGURE_ARGS in some ports so
  they aren't affected by this change (for now at least).  This commit is
  meant to ensure that new ports don't make the same mistake.

- games/acm: the configure script in this port is very old; instead of
  patching it more, just replace GNU_CONFIGURE with HAS_CONFIGURE.
- irc/charybdis: it already used /var but adding --localstatedir=/var
  changed the behaviour of the configure script; adjust the port to this.

PR:		199506
Exp-run by:	antoine
Approved by:	portmgr (antoine)
1.13.1_1
05 Mar 2015 18:49:28
Revision:380546Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
dvertise CPE data for Kerberos.

PR:		197465
1.13.1_1
20 Feb 2015 20:59:09
Revision:379469Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Fix broken rpath.

Submitted by:	hrs
1.13.1
13 Feb 2015 01:27:18
Revision:378907Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update 1.13 --> 1.13.1, incorporates MITKRB5-SA-2015-001 (committed in
r378417).
1.13_2
12 Feb 2015 21:15:15
Revision:378897Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Fix gcc5 build for DragonFly BSD.

PR:		197561
Submitted by:	marino
1.13_1
05 Feb 2015 03:39:14
Revision:378441Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Correct various packaging issues:

 - Libraries are not installed stripped;
 - pkgconfig files should be installed to libdata;
 - Use of deprecated @dirrm[try]

PR:		PR/197338
Submitted by:	delphij
1.13_1
04 Feb 2015 20:47:05
Revision:378417Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Address: krb5 -- Vulnerabilities in kadmind, libgssrpc,
gss_process_context_token VU#540092

CVE-2014-5352: gss_process_context_token() incorrectly frees context

CVE-2014-9421: kadmind doubly frees partial deserialization results

CVE-2014-9422: kadmind incorrectly validates server principal name

CVE-2014-9423: libgssrpc server applications leak uninitialized bytes

Security:	VUXML: 24ce5597-acab-11e4-a847-206a8a720317
Security:	MIT KRB5: VU#540092
Security:	CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
1.13
14 Dec 2014 11:44:25
Revision:374698Original commit files touched by this commit This port version is marked as vulnerable.
antoine search for other commits by this committer
- Remove support for EXTRACT_PRESERVE_OWNERSHIP
- Update a few comments related to extract

Differential Revision:	https://reviews.freebsd.org/D1189
With hat:	portmgr
1.13
18 Oct 2014 17:05:56
Revision:371142Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Fix LATEST_LINK.
1.13
16 Oct 2014 19:44:22
Revision:371019Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
MIT Kerberos released 1.13; 1.12 becomes a maintenance release,
1.11 remains a maintenance release.

- Update security/krb5 1.12.2 --> 1.13
- Copy the old security/krb5 1.12.2 to security/krb5-112
  (now a maintenance release supported by MIT)
- Move the old krb5-maint (1.11.5: old maintenance release) to
  security/krb5-111 (the old maintenance release still supported by MIT)
1.12.2
13 Aug 2014 18:32:03
Revision:364798Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update 1.12.1 --> 1.12.2.

Add readline non-default option.
1.12.1_4
29 Jul 2014 14:30:10
Revision:363328Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Rename security/ patches to reflect the files they modify.
1.12.1_4
24 Jul 2014 18:34:16
Revision:362835Original commit files touched by this commit This port version is marked as vulnerable.
tijl search for other commits by this committer
net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD

databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip

databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample
(Only the first 15 lines of the commit message are shown above View all of this commit message)
1.12.1_3
27 May 2014 19:59:41
Revision:355569Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Fix build when KRB5_HOME != LOCALBASE.

Submitted by:	hrs
1.12.1_3
06 May 2014 04:04:30
Revision:353055Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Allow package build (make stage/make package) for non-root user.

Submitted by:	John Hein <john.hein@microsemi.com>
1.12.1_3
24 Apr 2014 03:53:30
Revision:351983Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Finely tune KRB5_HOME test when using LIB_DEPENDS. in the case when
KRB5_HOME is set to LOCALBASE.
1.12.1_3
23 Apr 2014 02:55:24
Revision:351910Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Remove extraneious MAN assignments.
1.12.1_3
21 Apr 2014 15:55:08
Revision:351689Original commit files touched by this commit This port version is marked as vulnerable.
brd search for other commits by this committer
- Add a startup script for kpropd

PR:		183502
Submitted by:	brd@
Approved by:	bdrewery@
1.12.1_2
19 Apr 2014 03:45:41
Revision:351580Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Fix new patch.

Point hat to:	self
1.12.1_1
18 Apr 2014 02:21:57
Revision:351512Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
KRB5_HOME no longer works with LIB_DEPENDS. Mark broken when set.
1.12.1_1
17 Apr 2014 20:06:33
Revision:351495Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
1. Fix build when using clang 3.4.
2. RTM_OLDADD and RTM_OLDDEL were removed from -stable. Thanks alfred@ for
   this patch.
3. Stagify.

Submitted by:	alfred (#2)
1.12.1
16 Jan 2014 13:49:42
Revision:339911Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update 1.12 --> 1.12.1
1.12
12 Dec 2013 05:19:57
Revision:336247Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update krb5 to 1.12. Security/krb5 tracks MIT KRB5 current release.

Adjust the newly created krb5-maint with a new portname and conflicts.
Krb5-maint is a maintenance release for those who wish to use the previous
release of krb5. krb5-maint remains at 1.11.3.

Adjust CONFLICTS in security/heimdal and security/srp to account for the
newly repocopied krb5-maint.

Adjust security/Makefile to include krb5-maint.
1.11.3_2
11 Dec 2013 20:50:17
Revision:336221Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
pkg-plist fixup.
1.11.3_2
11 Dec 2013 03:45:23
Revision:336138Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Add LDAP support.

PR:		184557
Submitted by:	Erick Turnquist <jhujhiti@adjectivism.org>
1.11.3_1
20 Sep 2013 22:55:26
Revision:327769Original commit files touched by this commit This port version is marked as vulnerable.
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
1.11.3_1
16 Sep 2013 16:58:42
Revision:327417Original commit files touched by this commit This port version is marked as vulnerable.
bapt search for other commits by this committer
Convert to new perl framework
Convert USE_GMAKE to USES=gmake
1.11.3_1
21 Jun 2013 16:40:56
Revision:321478Original commit files touched by this commit This port version is marked as vulnerable.
antoine search for other commits by this committer
Add an empty directory created by the port to pkg-plist

Approved by:	portmgr (miwi)
1.11.3
04 Jun 2013 04:45:23
Revision:319823Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update krb5 1.11.2 --> 1.11.3.

This is a bugfix release.

* Fix a UDP ping-pong vulnerability in the kpasswd (password changing)
  service.  [CVE-2002-2443]

* Improve interoperability with some Windows native PKINIT clients.

Security:	CVE-2002-2443
1.11.2
24 Apr 2013 18:10:32
Revision:316464Original commit files touched by this commit This port version is marked as vulnerable.
ak search for other commits by this committer
- Convert USE_GETTEXT to USES (part 3)

Approved by:	portmgr (bapt)
1.11.2
17 Apr 2013 00:41:38
Revision:315921Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update 1.11.1 --> 1.11.2

Major changes in 1.11.2 (2013-04-12)
====================================

This is a bugfix release.

* Incremental propagation could erroneously act as if a slave's
  database were current after the slave received a full dump that
  failed to load.

* gss_import_sec_context incorrectly set internal state that
  identifies whether an imported context is from an interposer
  mechanism or from the underlying mechanism.

Feature safe:	yes
1.11.1_1
29 Mar 2013 19:33:42
Revision:315566Original commit files touched by this commit This port version is marked as vulnerable.
cs search for other commits by this committer
- Remove A/An in COMMENT
- Trim Header where applicable
1.11.1_1
05 Mar 2013 16:10:39
Revision:313458Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Reset ulog if database load failed.
Avoids a slave reporting it is current when a full resync fails.

Obtained
from:	https://github.com/rbasch/krb5/commit/2ef5ae0607d1c317a936e439b4be7a6f5184dc
1.11.1
22 Feb 2013 20:03:17
Revision:312788Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update 1.11 --> 1.11.1.

Security:	Fix a null pointer dereference in the KDC PKINIT code [CVE-2013-1415].
1.11
24 Jan 2013 14:15:26
Revision:310931Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Fix verto.h missing build error on some systems.

The following contributed by mandree@:
	- Header standardization.

	- Make use of OptionsNG.

	- Make portlint happy.
1.11
22 Jan 2013 04:03:18
Revision:310802Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update 1.10.3 --> 1.11
1.10.3_1
04 Nov 2012 02:10:50
Revision:306950Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Fix plist.

Feature safe:	yes
1.10.3
03 Nov 2012 18:59:38
Revision:306935Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update krb5 1.9.2 --> 1.10.3

Feature safe:	yes
1.9.2_3
09 Jul 2012 19:20:09
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Fix build of security/krb5 with clang.

PR:             169740
Submitted by:           Niclas Zeising <zeising@daemonic.se>
1.9.2_3
01 Jun 2012 05:26:28
Original commit files touched by this commit This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update png to 1.5.10
1.9.2_2
06 Apr 2012 07:41:20
Original commit files touched by this commit This port version is marked as vulnerable.
pav search for other commits by this committer
- pointyhat kludge - tetex drags in port-OpenSSL on 7.X, but only as a build
  dependency. Yet this triggers autodetection code in bsd.openssl.mk and
  OpenSSL dependency is registered with the resulting package, creating a
  discord between INDEX and actual package. Work around by explicitly recording
  the dependency in a way that INDEX build will see.

OK'ed by:       cy (maintainer)
Feature safe:   yes
1.9.2_1
14 Dec 2011 04:33:23
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
PORTREVISION bump.

PR:             163272
Feature safe:   yes
1.9.2
14 Dec 2011 04:31:22
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Apply patch for MITKRB5-SA-2011-007, KDC null pointer dereference in TGS
handling.

PR:             163272
Submitted by:   zi
Security:       6c7d9a35-2608-11e1-89b4-001ec9578670
Feature safe:   yes
1.9.2
16 Nov 2011 20:38:49
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update 1.9.1 --> 1.9.2. This is a bugfix release.

Feature safe:   yes
1.9.1_1
06 Sep 2011 15:55:36
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Apply patch from MIT KRB5 GIT tree commit: 043533c2f13d2bc69316.

libgssrpc was ignorant of the remote address of the kadmin socket,
even when it's IPv4.  This made old-style GSSAPI authentication fail
because it uses the wrong channel bindings.  Fix this problem by making
clnttcp_create() get the remote address from the socket using getpeername()
if the caller doesn't provide it and it's an IPv4 address.

PR:             160500
Submitted by:   Ben Kaduk <kaduk@mit.edu>
1.9.1
30 Jun 2011 04:03:11
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update 1.9 --> 1.9.1.

PR:             158520
Submitted by:   Ryan Steinmetz <rpsfa@rit.edu>
1.9_5
14 Apr 2011 00:39:26
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Apply patch for MITKRB5-SA-2011-004, kadmind invalid pointer free()
[CVE-2011-0285]

Security:       MITKRB5-SA-2011-004, CVE-2011-0285
Feature safe:   yes
1.9_4
08 Apr 2011 21:03:14
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Bump PORTREVISION.
1.9_3
08 Apr 2011 21:02:41
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Adjust krb5-config when $KRB5_HOME is specified. This will allow applications
linking aganst the MIT krb5 libraries to link using the correct ones.
1.9_3
25 Mar 2011 00:19:02
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Apply patch for MITKRB5-SA-2011-003, KDC vulnerable to double-free when
PKINIT enabled.

Obtained from:  http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-003.txt
Security:       MITKRB5-SA-2011-003, CVE-2011-0284
Feature safe:   yes
1.9_2
11 Feb 2011 01:04:09
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Apply fixes for kpropd denial of service (MITKRB5-SA-2011-001) and KDC
denial of service (MITKRB5-SA-2011-002).

Security:       MITKRB5-SA-2011-001 (CVE-2010-4022),
                MITKRB5-SA-2011-002 (CVE-2011-0281)
1.9_1
18 Jan 2011 15:06:25
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Remove the OpenSSL port requirement. The base OpenSSL will work too.

Feature safe:   yes
1.9
23 Dec 2010 01:04:41
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update from 1.8.3_2 to 1.9.
1.8.3_2
04 Dec 2010 07:34:27
Original commit files touched by this commit This port version is marked as vulnerable.
ade search for other commits by this committer
Sync to new bsd.autotools.mk
1.8.3_2
02 Dec 2010 02:09:23
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Fix security vulnerabilities CVE-2010-1324, CVE-2010-1323, CVE-2010-4020,
CVE-2010-4021, and CVE-2010-1322.

PR:             152755
Submitted by:   wollman
Security:       CVE-2010-1324, CVE-2010-1323, CVE-2010-4020, CVE-2010-4021,
                and CVE-2010-1322.
Feature safe:   Yes
1.8.3_1
04 Nov 2010 04:37:36
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Enable ksu DEBUG (-D) flag.
1.8.3
05 Aug 2010 22:37:11
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Update to 1.8.3.

PR:             149299
Submitted by:   gwollman
1.8.1_1
25 May 2010 05:14:16
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Apply patch for MIT KRB5 security vulnerability MITKRB5-SA-2010-005.

PR:             146939
Submitted by:   wollman
Security:       MIT krb5 Security Advisory 2010-005
1.8.1
24 May 2010 00:01:05
Original commit files touched by this commit This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- No longer broken on -current b/c of utmpx changes

PR:             ports/146384
Submitted by:   pgollucci@ (myself), others
Approved by:    maintainer timeout (cy@, 16 days)
1.8.1
26 Apr 2010 03:48:43
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Welcome the new krb5-1.8.1. Significant changes include the removal of
the MIT KRB5 applications (now in a separate tarball and port).
1.7_2
26 Apr 2010 03:23:08
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
MFkrb5-17.
1.6.3_9
14 Apr 2010 20:21:10
Original commit files touched by this commit This port version is marked as vulnerable.
pav search for other commits by this committer
- Mark BROKEN: does not compile

Reported by:    pointyhat
1.6.3_9
28 Mar 2010 06:47:48
Original commit files touched by this commit This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update to 1.4.1
Reviewed by:    exp8 run on pointyhat
Supported by:   miwi
1.6.3_8
17 Mar 2010 06:48:40
Original commit files touched by this commit This port version is marked as vulnerable.
miwi search for other commits by this committer
- Mark BROKEN: fails to build with new utmpx

Reported by:    pointyhat
1.6.3_8
05 Feb 2010 11:46:55
Original commit files touched by this commit This port version is marked as vulnerable.
dinoex search for other commits by this committer
- update to jpeg-8
1.6.3_7
13 Oct 2009 21:37:19
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Remove commented out option from a bygone era.
1.6.3_7
28 Aug 2009 20:02:01
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Remove redundant length check.
1.6.3_6
02 Aug 2009 19:36:34
Original commit files touched by this commit This port version is marked as vulnerable.
mezz search for other commits by this committer
-Repocopy devel/libtool15 -> libtool22 and libltdl15 -> libltdl22.
-Update libtool and libltdl to 2.2.6a.
-Remove devel/libtool15 and devel/libltdl15.
-Fix ports build with libtool22/libltdl22.
-Bump ports that depend on libltdl22 due to shared library version change.
-Explain what to do update in the UPDATING.

It has been tested with GNOME2, XFCE4, KDE3, KDE4 and other many wm/desktop
and applications in the runtime.

With help:      marcus and kwm
Pointyhat-exp:  a few times by pav
Tested by:      pgollucci, "Romain Tartière" <romain@blogreen.org>, and
                a few MarcusCom CVS users. Also, I might have missed a few.
Repocopy by:    marcus
Approved by:    portmgr
1.6.3_6
31 Jul 2009 13:57:52
Original commit files touched by this commit This port version is marked as vulnerable.
dinoex search for other commits by this committer
- bump all port that indirectly depends on libjpeg and have not yet been bumped
or updated
Requested by:   edwin
1.6.3_5
23 May 2008 21:01:58
Original commit files touched by this commit This port version is marked as vulnerable.
cy search for other commits by this committer
Convert missing WANT_KRB5_DOC pieces.

Add HTML documentation OPTION knob.

Number of commits found: 221 (showing only 100 on this page)

1 | 2 | 3  »