[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#702954: marked as done (unblock: cyrus-imapd-2.4/2.4.16-4)

Your message dated Wed, 13 Mar 2013 11:15:05 +0000
with message-id <26530935cedb1014b4aa38ea8874a033@mail.adsl.funky-badger.org>
and subject line Re: Bug#702954: unblock: cyrus-imapd-2.4/2.4.16-4
has caused the Debian Bug report #702954,
regarding unblock: cyrus-imapd-2.4/2.4.16-4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
702954: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702954
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package cyrus-imapd-2.4

It has been discovered that we are distributing an incomplete patch,
which normalizes all username in the authentication even when the
normalization is not enabled.  This basically disallows users with
CamelCase account names to log into the mail server.  I would classify
this bug as important/normal since the fraction of users with
CamelCaseAccountNames is (hopefully) very low, but I might be mistaken
and it might hit a quite large userbase.  So I guess it's better to be
safe than sorry.

Other part of this patch is a purely cosmetic; it just removes
mentions of DRAC (pop-before-smtp) which has been disabled some time
ago, but I already got one report about the confusion this creates.

Thanks.

$ diffstat cyrus-imapd-2.4_2.4.16-4.debdiff
 changelog                                                      |    8 +++++++
 control                                                        |    5 ----
 imapd.conf                                                     |    7 ------
 patches/cyrus-imapd-2.4.2-903-normalize-authorization-id.patch |   11 ++++++++++
 4 files changed, 19 insertions(+), 12 deletions(-)

unblock cyrus-imapd-2.4/2.4.16-4

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -Nru cyrus-imapd-2.4-2.4.16/debian/changelog cyrus-imapd-2.4-2.4.16/debian/changelog
--- cyrus-imapd-2.4-2.4.16/debian/changelog	2013-02-26 12:37:22.000000000 +0100
+++ cyrus-imapd-2.4-2.4.16/debian/changelog	2013-03-13 11:47:43.000000000 +0100
@@ -1,3 +1,11 @@
+cyrus-imapd-2.4 (2.4.16-4) unstable; urgency=low
+
+  * Update normalize patch to correctly set the normalize option in the
+    global library (Closes: #702941)
+  * Remove disabled DRAC from description
+
+ -- Ondřej Surý <ondrej@debian.org>  Wed, 13 Mar 2013 11:12:57 +0100
+
 cyrus-imapd-2.4 (2.4.16-3) unstable; urgency=low
 
   * Use find -H instead of plain find to fix the permissions inside the
diff -Nru cyrus-imapd-2.4-2.4.16/debian/control cyrus-imapd-2.4-2.4.16/debian/control
--- cyrus-imapd-2.4-2.4.16/debian/control	2013-02-26 12:37:22.000000000 +0100
+++ cyrus-imapd-2.4-2.4.16/debian/control	2013-03-13 11:47:43.000000000 +0100
@@ -52,7 +52,6 @@
  including support for:
   - running the daemon without root privileges;
   - POP3 and NNTP in addition to plain IMAP;
-  - POP/IMAP-before-SMTP using DRAC;
   - secure IMAP using SSL;
   - server-side filtering with Sieve;
   - mail users without login accounts;
@@ -83,7 +82,6 @@
  including support for:
   - running the daemon without root privileges;
   - POP3 and NNTP in addition to plain IMAP;
-  - POP/IMAP-before-SMTP using DRAC;
   - secure IMAP using SSL;
   - server-side filtering with Sieve;
   - mail users without login accounts;
@@ -109,7 +107,6 @@
  including support for:
   - running the daemon without root privileges;
   - POP3 and NNTP in addition to plain IMAP;
-  - POP/IMAP-before-SMTP using DRAC;
   - secure IMAP using SSL;
   - server-side filtering with Sieve;
   - mail users without login accounts;
@@ -135,7 +132,6 @@
  including support for:
   - running the daemon without root privileges;
   - POP3 and NNTP in addition to plain IMAP;
-  - POP/IMAP-before-SMTP using DRAC;
   - secure IMAP using SSL;
   - server-side filtering with Sieve;
   - mail users without login accounts;
@@ -248,7 +244,6 @@
  including support for:
   - running the daemon without root privileges;
   - POP3 and NNTP in addition to plain IMAP;
-  - POP/IMAP-before-SMTP using DRAC;
   - secure IMAP using SSL;
   - server-side filtering with Sieve;
   - mail users without login accounts;
diff -Nru cyrus-imapd-2.4-2.4.16/debian/imapd.conf cyrus-imapd-2.4-2.4.16/debian/imapd.conf
--- cyrus-imapd-2.4-2.4.16/debian/imapd.conf	2013-02-26 12:37:22.000000000 +0100
+++ cyrus-imapd-2.4-2.4.16/debian/imapd.conf	2013-03-13 11:47:43.000000000 +0100
@@ -116,13 +116,6 @@
 # specified in the script.  Valid methods are null, log, zephyr, mailto
 #sievenotifier: zephyr
 
-# DRAC (pop-before-smtp, imap-before-smtp) support
-# Set dracinterval to the time in minutes to call DRAC while a user is
-# connected to the imap/pop services. Set to 0 to disable DRAC (default)
-# Set drachost to the host where the rpc drac service is running
-#dracinterval: 0
-#drachost: localhost
-
 # If enabled, the partitions will also be hashed, in addition to the hashing
 # done on configuration directories. This is recommended if one partition has a
 # very bushy mailbox tree.
diff -Nru cyrus-imapd-2.4-2.4.16/debian/patches/cyrus-imapd-2.4.2-903-normalize-authorization-id.patch cyrus-imapd-2.4-2.4.16/debian/patches/cyrus-imapd-2.4.2-903-normalize-authorization-id.patch
--- cyrus-imapd-2.4-2.4.16/debian/patches/cyrus-imapd-2.4.2-903-normalize-authorization-id.patch	2013-02-26 12:37:22.000000000 +0100
+++ cyrus-imapd-2.4-2.4.16/debian/patches/cyrus-imapd-2.4.2-903-normalize-authorization-id.patch	2013-03-13 11:47:43.000000000 +0100
@@ -15,6 +15,17 @@
  lib/libcyr_cfg.h |    2 ++
  4 files changed, 29 insertions(+), 0 deletions(-)
 
+--- a/imap/global.c
++++ b/imap/global.c
+@@ -224,6 +224,8 @@ int cyrus_init(const char *alt_config, c
+ 				  config_getswitch(IMAPOPT_UNIX_GROUP_ENABLE));
+ 	libcyrus_config_setswitch(CYRUSOPT_USERNAME_TOLOWER,
+ 				  config_getswitch(IMAPOPT_USERNAME_TOLOWER));
++	libcyrus_config_setswitch(CYRUSOPT_NORMALIZEUID,
++				  config_getswitch(IMAPOPT_NORMALIZEUID));
+ 	libcyrus_config_setswitch(CYRUSOPT_SKIPLIST_UNSAFE,
+ 				  config_getswitch(IMAPOPT_SKIPLIST_UNSAFE));
+ 	libcyrus_config_setstring(CYRUSOPT_TEMP_PATH,
 --- a/lib/auth_unix.c
 +++ b/lib/auth_unix.c
 @@ -156,10 +156,12 @@ const char *identifier;

--- End Message ---
--- Begin Message --- 
On 13.03.2013 11:02, Ondřej Surý wrote:

It has been discovered that we are distributing an incomplete patch,
which normalizes all username in the authentication even when the
normalization is not enabled.  This basically disallows users with
CamelCase account names to log into the mail server. I would classify 
this bug as important/normal since the fraction of users with
CamelCaseAccountNames is (hopefully) very low, but I might be mistaken and it might hit a quite large userbase. So I guess it's better to be 
safe than sorry.


Unblocked.

Regards,

Adam

--- End Message ---
Reply to: