security/pam_krb5: Revert "security/pam_krb5: IGNORE for CVE-2023-3326"

Discussing with our upstream, he is aware of CVE-2023-3326. Work to add generalized anti-spoofing is planned. In the mean time he recommends using FAST (anon_fast) to mitigate CVE-2023-3326. anon_fast already includes built-in anti-spoofing. More discussion is here: https://github.com/rra/pam-krb5/blob/main/docs/pam_krb5.pod#L53 This reverts commit 41afd03d9c8e76fe42c555b1274fec069f83ecae.
author: Cy Schubert <cy@FreeBSD.org> 2023-08-21 18:59:59 +0000
committer: Cy Schubert <cy@FreeBSD.org> 2023-08-21 19:06:59 +0000
commit: 5d50183d2c7e9ff0a7f7113702506933a6fce4b8 (patch)
tree: 11bca3a66d54a21f6797e1c37650bb69f2644fd5
parent: 2994c2f1417273495aca22f23bc3f3aafcf7368f (diff)
1 files changed, 0 insertions, 2 deletions
diff --git a/security/pam_krb5/Makefile b/security/pam_krb5/Makefile
index 6a898f6aa535..afe524587a76 100644
--- a/security/pam_krb5/Makefile
+++ b/security/pam_krb5/Makefile
@@ -14,8 +14,6 @@ LICENSE=		BSD3CLAUSE GPLv1+
 LICENSE_COMB=		dual
 LICENSE_FILE=		${WRKSRC}/LICENSE
 
-IGNORE=			CVE-2023-3326, https://github.com/rra/pam-krb5/issues/27
-
 USES=			gmake libtool perl5
 USE_PERL5=		build
author	Cy Schubert <cy@FreeBSD.org>	2023-08-21 18:59:59 +0000
committer	Cy Schubert <cy@FreeBSD.org>	2023-08-21 19:06:59 +0000
commit	5d50183d2c7e9ff0a7f7113702506933a6fce4b8 (patch)
tree	11bca3a66d54a21f6797e1c37650bb69f2644fd5
parent	2994c2f1417273495aca22f23bc3f3aafcf7368f (diff)