02c6211f1a
* CVE-2011-1947
- use timeouts for IMAP STARTTLS/POP3 STLS negotiation which could cause
fetchmail freezes if a server was hanging.
* security improvements to defang X.509 certificate abuse
- require wildcard CN/subject alternative names to start with "*." not just "*"
- don't allow wildcards to match domain literals (such as 10.9.8.7) or
wildcards in domain literals ("*.168.23.23").
- don't allow wildcarding top-level domains.
13 lines
576 B
Plaintext
13 lines
576 B
Plaintext
$OpenBSD: patch-configure,v 1.18 2011/06/06 13:57:07 sthen Exp $
|
|
--- configure.orig Mon Jun 6 12:22:44 2011
|
|
+++ configure Mon Jun 6 14:18:30 2011
|
|
@@ -9300,7 +9300,7 @@ $as_echo "#define HEIMDAL 1" >>confdefs.h
|
|
$as_echo "#define KERBEROS_V5 1" >>confdefs.h
|
|
|
|
CFLAGS="$CFLAGS -I/usr/include/kerberosV"
|
|
- LIBS="$LIBS -lasn1 -lkrb5 -lcom_err -lkafs"
|
|
+ LIBS="$LIBS -lkrb5"
|
|
elif krb5-config 2> /dev/null >/dev/null ; then
|
|
krb5_prefix=`krb5-config --prefix krb5`
|
|
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: krb5-config points to kerberosV under $krb5_prefix" >&5
|