Accepted cyrus-sasl2 2.1.19-1.1 (i386 source)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 14 Aug 2004 13:04:38 -0300
Source: cyrus-sasl2
Binary: libsasl2 libsasl2-modules-sql sasl2-bin libsasl2-modules libsasl2-dev libsasl2-modules-gssapi-heimdal libsasl2-modules-kerberos-heimdal
Architecture: source i386
Version: 2.1.19-1.1
Distribution: unstable
Urgency: medium
Maintainer: Dima Barsky <dima@debian.org>
Changed-By: Henrique de Moraes Holschuh <hmh@debian.org>
Description:
libsasl2 - Authentication abstraction library
libsasl2-dev - Development files for authentication abstraction library
libsasl2-modules - Pluggable Authentication Modules for SASL
libsasl2-modules-gssapi-heimdal - Pluggable Authentication Modules for SASL
libsasl2-modules-kerberos-heimdal - Pluggable Authentication Modules for SASL
libsasl2-modules-sql - Pluggable Authentication Modules for SASL
sasl2-bin - Programs for manipulating the SASL users database
Closes: 202836 242184 245818 248333 256808 262339
Changes:
cyrus-sasl2 (2.1.19-1.1) unstable; urgency=medium
.
* NMU with permission from the maintainer
* Release Manager:
SASL 2.1.18 (currently in sarge) is very unusable. Please accept
this upload for sarge. The main reasons justifying this are:
* Security fixes from upstream: at least one buffer overflow
was plugged in 2.1.19, and the code was made more secure, which may
have plugged other latent security bugs.
* Essential feature: 2.1.18 has a very bad regression in that saslauthd
cannot support realms embedded inside the username as previous
versions did. However, that regression is exactly how it should be
behaving since day one, never mind that too many setups are hopeless
with the realm information out-of-band. 2.1.19 adds a "-r" option to
saslauthd which restores the former behaviour. Both behaviours are
needed, depending on the SASL mechs being used (one sends the realm
out-of-band, the other in-band). Users have complained loudly about
this issue, not only in Debian, but in the SASL and Cyrus IMAP
mailinglists as well. For way too many people and setups, "-r" is
essential
* Essential bug fixes: Digest-MD5 and GSSAPI are quite broken in
2.1.18, and extensive fixes were applied on them in 2.1.19. In fact,
2.1.18 GSSAPI does _not_ work completely right against Heimdall and
MIT kerberos.
* ABI version issue: the 2.1.19-1 Debian package was uploaded to
_unstable_ before the freeze. Maybe because of that, the maintainer
did upgrade the shlibs dependency to 2.1.19 (I have confirmed that to be
required for SASL modules, so it appears to be really required).
Packages built in _unstable_ since them are being held back due to
this issue. The best fix for packages that use libsasl2 *is* getting
this new version into sarge, due to all other fixes.
* Bugs closed in 2.1.19-1, but not ackwnoleged before:
* Fix FTBFS in hppa, due to broken libtool usage, thanks to Steve Langasek
for the patch (closes: #245818)
* 2.1.19 supports saslauthd "-r" option (closes: #248333, #256808)
* Changes in this NMU:
* upstream CVS: plugins/digestmd5.c: Fix handling of client realm callback
* upstream CVS: plugins/gssapi.c: Memory management cleanup
* upstream CVS: configure.in, plugins/gssapi.c: Wrap all GSS calls
in mutexes when required by the implementation (closes: #202836)
THIS PATCH PROBABLY SHOULD BE SET TO DISABLED BY DEFAULT WHEN MIT
KERBEROS 1.3.5 ENTERS UNSTABLE
(see https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=2255)
* Libtool is refreshed at every build, so this upload closes: #262339
* debian/control: build-depend on debhelper (>= 4)
* debian/control: build-depend on libtool (>= 1.5.6) instead of (>=
1.5.2-1)
* Fix initscript to return status 0 if stop called when daemon is
already stopped (closes: #242184)
Files:
0e575c5ccb0c4ce0b534d81c78071547 1062 devel important cyrus-sasl2_2.1.19-1.1.dsc
b0300d23682d9b70573637471a018fc5 25845 devel important cyrus-sasl2_2.1.19-1.1.diff.gz
e265fc81110bdd8e043db7625ee93502 112276 utils important sasl2-bin_2.1.19-1.1_i386.deb
4c406d61da5ccf78bfb3681b24778233 155392 libs important libsasl2-modules_2.1.19-1.1_i386.deb
802ed026d8cd76cb1340adad3b2ad254 50478 libs optional libsasl2-modules-sql_2.1.19-1.1_i386.deb
cba51fb1127d30a3c59742f6320bf0c9 52510 libs optional libsasl2-modules-gssapi-heimdal_2.1.19-1.1_i386.deb
90bcd98138e91453982b09cd41dad1ed 52198 libs optional libsasl2-modules-kerberos-heimdal_2.1.19-1.1_i386.deb
ff6062fbd46846751754b75f87fc0520 257506 libs important libsasl2_2.1.19-1.1_i386.deb
4766e04a0d9e4ba31523e3b313cb8fcd 245244 libdevel optional libsasl2-dev_2.1.19-1.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFBH5oW7iXePxzbD+MRAmqrAJ9ab9vXiRde7XVsvwH8DaUxPIEVEgCgj9hx
Mf8AxqcZDulPKgCnxeDyDb4=
=ct5c
-----END PGP SIGNATURE-----
Accepted:
cyrus-sasl2_2.1.19-1.1.diff.gz
to pool/main/c/cyrus-sasl2/cyrus-sasl2_2.1.19-1.1.diff.gz
cyrus-sasl2_2.1.19-1.1.dsc
to pool/main/c/cyrus-sasl2/cyrus-sasl2_2.1.19-1.1.dsc
libsasl2-dev_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.1_i386.deb
libsasl2-modules-gssapi-heimdal_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.1_i386.deb
libsasl2-modules-kerberos-heimdal_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.1_i386.deb
libsasl2-modules-sql_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.1_i386.deb
libsasl2-modules_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.1_i386.deb
libsasl2_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/libsasl2_2.1.19-1.1_i386.deb
sasl2-bin_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.1_i386.deb
Reply to: