[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted cyrus-sasl2-mit 2.1.19-2 (source i386)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 16 Dec 2005 22:01:06 -0500
Source: cyrus-sasl2-mit
Binary: libsasl2-gssapi-mit libsasl2-krb4-mit
Architecture: source i386
Version: 2.1.19-2
Distribution: unstable
Urgency: emergency
Maintainer: Sam Hartman <hartmans@debian.org>
Changed-By: Sam Hartman <hartmans@debian.org>
Description: 
 libsasl2-gssapi-mit - GSSAPI  module for SASL using MIT Kerberos
 libsasl2-krb4-mit - Kerberos4  module for SASL using MIT Kerberos
Closes: 276865 285613
Changes: 
 cyrus-sasl2-mit (2.1.19-2) unstable; urgency=low
 .
   * Sync with 2.1.19-1.7
         - Includes fix for FTBFS, Closes: #285613
   * Include NMU from 2.1.19-1.1
   * Disable gssapi library mutexes as we no longer need them.
 .
 cyrus-sasl2-mit (2.1.19-1.1) unstable; urgency=emergency
 .
   * NMU
   * resync to cyrus-sasl2 2.1.19-1.5):
     * SECURITY FIX: SASL_PATH environment variable must not be honoured on
       setuid environments, otherwise we have a local privilege escalation
       exploit (CVE: CAN-2004-0884), related advisories: RHSA-2004:546-02;
       GLSA 200410-05 (closes: #276865)
       * upstream CVS: lib/common.c: don't honor SASL_PATH in setuid
         environment. from Gentoo (CVE CAN-2004-0884);
       * Fix to upstream CVS security fix: initialize *path = NULL
     * upstream CVS: plugins/kerberos4.c: document weirdness with openssl DES
     * upstream CVS: plugins/cram.c,plugins/anonymous.c,plugins/login.c,
       plugins/plain.c,plugins/sasldb.c: Fixed several 64 bit portability
       warnings
     * Forward port sasl_set_alloc locking patch from SASL 1.5, to avoid
       problems with the braindead idea of globals SASL has, and with libraries
       that think they can get around mucking with them (hello openldap!)
     * Add Build-Conflicts: autoconf2.13, automake1.4
Files: 
 b3021859beb20f11f58466aa27e4c8d7 924 devel optional cyrus-sasl2-mit_2.1.19-2.dsc
 10e1a4dc0005dbf7127a7ae800b5c4ab 29804 devel optional cyrus-sasl2-mit_2.1.19-2.diff.gz
 6f37f12141dd49e2f84fc0b7c361dc03 47140 devel optional libsasl2-gssapi-mit_2.1.19-2_i386.deb
 73d6bf373291da2c6c7825390cd52317 46734 devel optional libsasl2-krb4-mit_2.1.19-2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDo4IL/I12czyGJg8RAshiAJ4kHzqn+8rV9JJqnMrWnD8UBuQ8ZgCg0Hz0
jsyGbPScyYyuFQw4NRWkxAY=
=NkFZ
-----END PGP SIGNATURE-----


Accepted:
cyrus-sasl2-mit_2.1.19-2.diff.gz
  to pool/main/c/cyrus-sasl2-mit/cyrus-sasl2-mit_2.1.19-2.diff.gz
cyrus-sasl2-mit_2.1.19-2.dsc
  to pool/main/c/cyrus-sasl2-mit/cyrus-sasl2-mit_2.1.19-2.dsc
libsasl2-gssapi-mit_2.1.19-2_i386.deb
  to pool/main/c/cyrus-sasl2-mit/libsasl2-gssapi-mit_2.1.19-2_i386.deb
libsasl2-krb4-mit_2.1.19-2_i386.deb
  to pool/main/c/cyrus-sasl2-mit/libsasl2-krb4-mit_2.1.19-2_i386.deb
Reply to: