main/heimdal: security fix (CVE-2011-4862)

fixes #913
(cherry picked from commit f81ee55cee797b4203340cebc3f15691ac93faeb)

2 files changed, 18 insertions, 2 deletions

diff --git a/main/heimdal/APKBUILD b/main/heimdal/APKBUILD
index 6fb47a1652..cd760c3f56 100644
--- a/main/heimdal/APKBUILD
+++ b/main/heimdal/APKBUILD
@@ -2,7 +2,7 @@
 # Contributor: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=heimdal
 pkgver=1.4
-pkgrel=9
+pkgrel=10
 pkgdesc="An implementation of Kerberos 5"
 arch="all"
 url="http://www.h5l.org/"
@@ -21,6 +21,7 @@ source="http://ftp4.de.freesbie.org/pub/misc/heimdal/src/$pkgname-$pkgver.tar.gz
 005_all_heimdal-suid_fix.patch
 014_all_heimdal-path.patch
 heimdal-1.4-make.patch
+telnetd.patch
 "
 
 _builddir="$srcdir/$pkgname-$pkgver"
@@ -172,4 +173,5 @@ md5sums="31d08bbf47a77827fe97ef3f52b4c9c4  heimdal-1.4.tar.gz
 2feec3924ee5230b54175b4d4000c872  003_all_heimdal-rxapps.patch
 45aeb207f360f9f4e9e0fabc8bfeecbc  005_all_heimdal-suid_fix.patch
 8208ae8c0b6ff5ab4f64af1693e9e396  014_all_heimdal-path.patch
-fa1753ec676029cd59a3ef24da55c144  heimdal-1.4-make.patch"
+fa1753ec676029cd59a3ef24da55c144  heimdal-1.4-make.patch
+f320b91692b872e28f446f9cf1bc68bf  telnetd.patch"
diff --git a/main/heimdal/telnetd.patch b/main/heimdal/telnetd.patch
new file mode 100644
index 0000000000..9c4d10386c
--- /dev/null
+++ b/main/heimdal/telnetd.patch
@@ -0,0 +1,14 @@
+Index: crypto/heimdal/appl/telnet/libtelnet/encrypt.c
+===================================================================
+--- appl/telnet/libtelnet/encrypt.c     (revision 228798)
++++ appl/telnet/libtelnet/encrypt.c     (working copy)
+@@ -736,6 +736,9 @@
+     int dir = kp->dir;
+     int ret = 0;
+ 
++    if (len > MAXKEYLEN)
++        len = MAXKEYLEN;
++
+     if (!(ep = (*kp->getcrypt)(*kp->modep))) {
+        if (len == 0)
+            return;