From 346e3101fe1df95e2199d615382bf357dcecbebf Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai
Date: Oct 01 2008 19:01:44 +0000
Subject: update to 2.3.2 to fix CVE-2008-3825 (vulnerability when "existing_ticket" is used)
---
diff --git a/.cvsignore b/.cvsignore
index 060f1f8..fb45a1a 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1,2 @@
 pam_krb5-2.3.0-1.tar.gz
+pam_krb5-2.3.1-1.tar.gz
diff --git a/pam_krb5.spec b/pam_krb5.spec
index 49f2228..ccf400d 100644
--- a/pam_krb5.spec
+++ b/pam_krb5.spec
@@ -1,7 +1,7 @@
 Summary: A Pluggable Authentication Module for Kerberos 5.
 Name: pam_krb5
-Version: 2.3.0
-Release: 2%{?dist}
+Version: 2.3.2
+Release: 1%{?dist}
 Source0: pam_krb5-%{version}-1.tar.gz
 License: BSD or LGPLv2+
 Group: System Environment/Base
@@ -32,10 +32,12 @@ rm -f $RPM_BUILD_ROOT/%{_lib}/security/*.la
 # Make the paths jive to avoid conflicts on multilib systems.
 sed -ri -e 's|/lib(64)?/|/\$LIB/|g' $RPM_BUILD_ROOT/%{_mandir}/man*/pam_krb5*.8*
 
+%find_lang %{name}
+
 %clean
 [ "$RPM_BUILD_ROOT" != "/" ] && rm -fr $RPM_BUILD_ROOT
 
-%files
+%files -f %{name}.lang
 %defattr(-,root,root)
 %{_bindir}/*
 /%{_lib}/security/pam_krb5.so
@@ -46,11 +48,19 @@ sed -ri -e 's|/lib(64)?/|/\$LIB/|g' $RPM_BUILD_ROOT/%{_mandir}/man*/pam_krb5*.8*
 %{_mandir}/man8/*
 %doc README* COPYING* ChangeLog NEWS
 
-# $Id: pam_krb5.spec,v 1.63 2008/08/27 20:38:37 spot Exp $
+# $Id: pam_krb5.spec,v 1.64 2008/10/01 19:01:44 nalin Exp $
 %changelog
+* Wed Oct 1 2008 Nalin Dahyabhai - 2.3.2-1
+- fix ccache permissions bypass when the "existing_ticket" option is used
+ (CVE-2008-3825)
+
 * Wed Aug 27 2008 Tom "spot" Callaway - 2.3.0-2
 - fix license tag
 
+* Wed Apr 9 2008 Nalin Dahyabhai - 2.3.1-1
+- don't bother trying to set up a temporary v4 ticket file during session open
+ unless we obtained v4 creds somewhere
+
 * Mon Mar 10 2008 Nalin Dahyabhai - 2.3.0-1
 - add a "null_afs" option
 - add a "token_strategy" option
diff --git a/sources b/sources
index 809c1fe..8e2aab3 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-83cdefd14a8104c7c1b8960267882912 pam_krb5-2.3.0-1.tar.gz
+f11bf537b2bc0a9b7b800969f0238ba7 pam_krb5-2.3.1-1.tar.gz
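Review bot: The new `sources` entry names `pam_krb5-2.3.1-1.tar.gz`, but the spec hunk in this same commit sets `Version: 2.3.2` with `Source0: pam_krb5-%{version}-1.tar.gz`, so Source0 expands to `pam_krb5-2.3.2-1.tar.gz`. The `.cvsignore` hunk adds the 2.3.1 name as well. As committed, either the build cannot find its source or, if the 2.3.1 tarball is what ends up being built, the package would be labelled 2.3.2 without the CVE-2008-3825 fix its changelog claims. The entry should presumably read `<MD5_OF_2.3.2_TARBALL> pam_krb5-2.3.2-1.tar.gz`, with the checksum checked against the upstream release, and `.cvsignore` should list the same file name. A later upload may have corrected this, but nothing in this commit shows it.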