CVSROOT: /cvs Module name: ports Changes by: rob...@cvs.openbsd.org 2022/11/16 01:47:38
Modified files: security/heimdal: Makefile distinfo security/heimdal/patches: patch-lib_hx509_softp11_c patch-lib_krb5_krb5_h security/heimdal/pkg: PLIST-devel-docs PLIST-libs Removed files: security/heimdal/patches: patch-lib_hdb_hdb-mitdb_c Log message: security update to 7.8.0; fixes several CVEs: CVE-2022-42898 PAC parse integer overflows CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors CVE-2021-3671 A null pointer de-reference when handling missing sname in TGS-REQ CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec ok aja@