Accepted cyrus-sasl 1.5.28-6.2 (i386 source)

To: debian-devel-changes@lists.debian.org
Subject: Accepted cyrus-sasl 1.5.28-6.2 (i386 source)
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Fri, 08 Oct 2004 11:33:24 -0400
Message-id: <[🔎] E1CFwkG-0004B6-00@newraff.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri,  8 Oct 2004 12:04:47 -0300
Source: cyrus-sasl
Binary: libsasl-digestmd5 libsasl-gssapi-heimdal sasl-bin libsasl-dev libsasl-modules-plain libsasl7
Architecture: source i386
Version: 1.5.28-6.2
Distribution: unstable
Urgency: emergency
Maintainer: Dima Barsky <dima@debian.org>
Changed-By: Henrique de Moraes Holschuh <hmh@debian.org>
Description: 
 libsasl-dev - Development files for authentication abstraction library
 libsasl-digestmd5 - DIGEST-MD5 module for SASL
 libsasl-gssapi-heimdal - GSSAPI Authentication Module for SASL
 libsasl-modules-plain - Basic Pluggable Authentication Modules for SASL
 libsasl7   - Authentication abstraction library
 sasl-bin   - Programs for manipulating the SASL users database
Closes: 275432
Changes: 
 cyrus-sasl (1.5.28-6.2) unstable; urgency=emergency
 .
   * NMU
   * SECURITY FIX: SASL_PATH environment variable must not be honoured on
     setuid environments, otherwise we have a local privilege escalation
     exploit (CVE: CAN-2004-0884), related advisories:
     RHSA-2004:546-02; GLSA 200410-05
     * upstream CVS: lib/common.c: don't honor SASL_PATH in
      setuid environment. from Gentoo (CVE CAN-2004-0884);
     (closes: #275432)
Files: 
 435ce3d42cbcecf794244d92e53723c9 788 libs important cyrus-sasl_1.5.28-6.2.dsc
 233f242f3a9d4065c43a82ddb5e9b5ea 14458 libs important cyrus-sasl_1.5.28-6.2.diff.gz
 50bcdba5d2773437e827dbbae0a8cbed 68106 devel optional libsasl-dev_1.5.28-6.2_i386.deb
 0a8d6c90b7cc78e4e99a4486e2efcc81 12212 utils optional sasl-bin_1.5.28-6.2_i386.deb
 4361766bd6f0b134067526d8fea29fee 12960 libs optional libsasl-modules-plain_1.5.28-6.2_i386.deb
 79f2f0c01752100ae2c0fa55d4c8fcf0 15218 libs optional libsasl-digestmd5_1.5.28-6.2_i386.deb
 185c74ab9e3b9705caaf390ab9d65da0 7854 libs important libsasl-gssapi-heimdal_1.5.28-6.2_i386.deb
 6af8d1c375a887f63785973f24bfc0cd 97920 libs important libsasl7_1.5.28-6.2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBZq8K7iXePxzbD+MRAmfaAJ9vL4af6QKXLUXZCr3CS3FhKT+hXwCfbpoF
/2SjUpGMybGjaKg8vymtphM=
=ub1L
-----END PGP SIGNATURE-----


Accepted:
cyrus-sasl_1.5.28-6.2.diff.gz
  to pool/main/c/cyrus-sasl/cyrus-sasl_1.5.28-6.2.diff.gz
cyrus-sasl_1.5.28-6.2.dsc
  to pool/main/c/cyrus-sasl/cyrus-sasl_1.5.28-6.2.dsc
libsasl-dev_1.5.28-6.2_i386.deb
  to pool/main/c/cyrus-sasl/libsasl-dev_1.5.28-6.2_i386.deb
libsasl-digestmd5_1.5.28-6.2_i386.deb
  to pool/main/c/cyrus-sasl/libsasl-digestmd5_1.5.28-6.2_i386.deb
libsasl-gssapi-heimdal_1.5.28-6.2_i386.deb
  to pool/main/c/cyrus-sasl/libsasl-gssapi-heimdal_1.5.28-6.2_i386.deb
libsasl-modules-plain_1.5.28-6.2_i386.deb
  to pool/main/c/cyrus-sasl/libsasl-modules-plain_1.5.28-6.2_i386.deb
libsasl7_1.5.28-6.2_i386.deb
  to pool/main/c/cyrus-sasl/libsasl7_1.5.28-6.2_i386.deb
sasl-bin_1.5.28-6.2_i386.deb
  to pool/main/c/cyrus-sasl/sasl-bin_1.5.28-6.2_i386.deb

Reply to:

Prev by Date: Accepted cyrus-sasl2 2.1.19-1.2 (i386 source)
Next by Date: Accepted guile-www 1.1.1-1 (all source)
Previous by thread: Accepted cyrus-sasl2 2.1.19-1.2 (i386 source)
Next by thread: Accepted guile-www 1.1.1-1 (all source)
Index(es):
- Date
- Thread