From 55761a7b509a1e652043d60f7ec0afa47f1145a0 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 1 Feb 2022 13:07:22 -0500 Subject: [PATCH] import krb5-1.19.1-13.el9 --- SPECS/krb5.spec | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/SPECS/krb5.spec b/SPECS/krb5.spec index dfe6d1d..277654d 100644 --- a/SPECS/krb5.spec +++ b/SPECS/krb5.spec @@ -42,7 +42,7 @@ Summary: The Kerberos network authentication system Name: krb5 Version: 1.19.1 -Release: %{?zdpd}12%{?dist} +Release: %{?zdpd}13%{?dist} # rharwood has trust path to signing key and verifies on check-in Source0: https://web.mit.edu/kerberos/dist/krb5/%{version}/krb5-%{version}%{?dashpre}.tar.gz @@ -427,14 +427,9 @@ install -pdm 755 $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/authdata # list of link flags, and it helps prevent file conflicts on multilib systems. sed -r -i -e 's|^libdir=/usr/lib(64)?$|libdir=/usr/lib|g' $RPM_BUILD_ROOT%{_bindir}/krb5-config -# Temporay workaround for krb5-config reading too much from LDFLAGS. -# Upstream: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8159 -sed -r -i -e "s/-specs=\/.+?\/redhat-hardened-ld//g" $RPM_BUILD_ROOT%{_bindir}/krb5-config - -if [[ "$(< $RPM_BUILD_ROOT%{_bindir}/krb5-config )" == *redhat-hardened-ld* ]] ; then - printf '# redhat-hardened-ld for krb5-config failed' 1>&2 - exit 1 -fi +# Workaround for krb5-config reading too much from LDFLAGS. +# https://bugzilla.redhat.com/show_bug.cgi?id=1997021 +sed -r -i -e "s/-specs=[^ ]*//g" $RPM_BUILD_ROOT%{_bindir}/krb5-config # Install processed man pages. for section in 1 5 8 ; do @@ -651,6 +646,10 @@ exit 0 %{_libdir}/libkadm5srv_mit.so.* %changelog +* Fri Dec 17 2021 Antonio Torres - 1.19.1-13 +- Remove -specs= from krb5-config output +- Resolves #1997021 + * Wed Oct 20 2021 Antonio Torres - 1.19.1-12 - Fix KDC null deref on TGS inner body null server (CVE-2021-37750) - Resolves: #1997602