SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for cyrus-sasl-crammd5-2.1.27-8.1.i586.rpm :

* Fri Jan 08 2021 Peter Varkoly - CVE-2020-8032: cyrus-sasl: Local privilege escalation to root due to insecure tmp file usage. (bsc#1180669) Use /var/adm/update-scripts/ instead of /tmp. Clean up temporary files.
* Tue Dec 08 2020 Peter Varkoly - Remove Berkeley DB dependency (JIRA#SLE-12190) The packages cyrus-sasl and cyrus-sasl-saslauthd are built without Berkely DB support. gdbm will be used instead of BDB. The packages cyrus-sasl-bdb and cyrus-sasl-saslauthd-bdb are built with Berkely DB support.- Update to 2.1.27
* Added support for OpenSSL 1.1
* Added support for lmdb
* Lots of build fixes
* Treat SCRAM and DIGEST-MD5 as more secure than PLAIN when selecting client mech
* DIGEST-MD5 plugin: Fixed memory leaks Fixed a segfault when looking for non-existent reauth cache Prevent client from going from step 3 back to step 2 Allow cmusaslsecretDIGEST-MD5 property to be disabled
* GSSAPI plugin: Added support for retrieving negotiated SSF Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF Properly compute maxbufsize AFTER security layers have been set
* SCRAM plugin: Added support for SCRAM-SHA-256
* LOGIN plugin: Don’t prompt client for password until requested by server
* NTLM plugin: Fixed crash due to uninitialized HMAC context- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- bsc#983938 `After=syslog.target` left-overs in several unit files- added patches: fix_libpq-fe_include.diff for fixing including libpq-fe.h- removed patches obsoleted by upstream changes:
* shared_link_on_ppc.patch
* cyrus-sasl-2.1.27-openssl-1.1.0.patch
* 0002-Drop-unused-parameter-from-gssapi_spnego_ssf.patch
* 0003-Check-return-error-from-gss_wrap_size_limit.patch
* 0004-Add-support-for-retrieving-the-mech_ssf.patch
* 0001-Fix-GSS-SPNEGO-mechanism-s-incompatible-behavior.patch
* cyrus-sasl-fix-logging-in-gssapi.patch
* Thu Feb 06 2020 Samuel Cabrero - Added support for retrieving negotiated SSF in gssapi plugin (bsc#1162518)
* Add 0002-Drop-unused-parameter-from-gssapi_spnego_ssf.patch
* Add 0003-Check-return-error-from-gss_wrap_size_limit.patch
* Add 0004-Add-support-for-retrieving-the-mech_ssf.patch- Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF (bsc#1162518)
* Add 0001-Fix-GSS-SPNEGO-mechanism-s-incompatible-behavior.patch
* Thu Nov 28 2019 Michael Ströder - added backport-patch cyrus-sasl-bug587.patch which fixes off-by-one error in _sasl_add_string function (see CVE-2019-19906 bsc#1159635)
* Mon Feb 04 2019 Peter Varkoly - bnc#1044840 syslog is polluted with messages \"GSSAPI client step 1\" By server context the connection will be sent to the log function. Client content does not have log level information. I.e. there is no way to stop DEBUG level logs nece I\'ve removed it.
* add cyrus-sasl-fix-logging-in-gssapi.patch
* Mon Sep 04 2017 vcizekAATTsuse.com- OpenSSL 1.1 support (bsc#1055463)
* add cyrus-sasl-2.1.27-openssl-1.1.0.patch from Fedora
* Wed Mar 22 2017 michaelAATTstroeder.com- added cyrus-sasl-issue-402.patch to fix SASL GSSAPI mechanism acceptor wrongly returns zero maxbufsize #402 (see https://github.com/cyrusimap/cyrus-sasl/issues/402)
* Tue Mar 07 2017 varkolyAATTsuse.com- bnc#1026825 saslauthd: :set_auth_mech : unknown authentication mechanism: kerberos5
* Wed Dec 09 2015 bwiedemannAATTsuse.com- really use SASLAUTHD_PARAMS variable (bnc#938657)
* Tue Jan 06 2015 varkolyAATTsuse.com- bnc#908883 cyrus-sasl-scram refers to wrong RFC
* Thu Nov 27 2014 jengelhAATTinai.de- Make sure /usr/sbin/rcsaslauthd exists
* Tue Sep 23 2014 varkolyAATTsuse.com- bnc#897837 saslauthd package has no config
* Tue Jul 29 2014 sfalkenAATTopensuse.org- Changed --with-saslauthd=/var/run/sasl2 in %build to /run/sasl2 to clear rpmlint check failure
* Sat Jul 19 2014 p.drouandAATTgmail.com- Remove insserv dependency; it\'s unneeded with systemd\' systems- Remove insserv and fillup dependency in cyrus-sasl package; there is neither sysconfig or init file
* Fri Jun 13 2014 ckornackerAATTsuse.com- Revert upstream commit 080e51c7fa0421eb2f0210d34cf0ac48a228b1e9 cyrus-sasl-revert_gssapi_flags.patch (bnc#775279)
* Tue Apr 01 2014 varkolyAATTsuse.com- bnc#871183 - cyrus-sasl-saslauthd service file is missing parameter \'Restart=always\'
* Sat Nov 02 2013 jengelhAATTinai.de- Implement shlib packaging guidelines: make subpackage libsasl2-3. (All other .so files are _server_ plugins AFAICS, loaded via dlopen.)- Ensure directories are owned by packages and thus get torn down on package removal
* Sat Oct 05 2013 tchvatalAATTsuse.com- Put back the .so files to sasl auth packages from devel file. The .so files are read by some application instead of full path so in order for auth to work this files must be available
* Sun Sep 29 2013 tittiatcokeAATTgmail.com- Add patch fix-sasl-header.diff to resolve build issues that are failing due to typedef \'sasl_malloc_t\' is initialized. (see gentoo#458870, fedora#906519)
* Wed Sep 11 2013 jcnengelAATTgmail.com- Removed server side service to comply with Factory rules
* Tue Sep 03 2013 jcnengelAATTgmail.com- Update to 2.1.26
* Modernize SASL malloc/realloc callback prototypes
* Added sasl_config_done() to plug a memory leak when using an application specific config file
* Fixed PLAIN/LOGIN authentication failure when using saslauthd with no auxprop plugins (bug # 3590).
* unlock the mutex in sasl_dispose if the context was freed by another thread
* MINGW32 compatibility patches
* Fixed broken logic in get_fqhostname() when abort_if_no_fqdn is 0
* Fixed some memory leaks in libsasl - GSSAPI plugin: + Fixed a segfault in gssapi.c introduced in 2.1.25. + Code refactoring + Added support for GSS-SPNEGO SASL mechanism (Unix only), which is also HTTP capable - GS2 plugin: + Updated GS2 plugin not to lose minor GSS-API status codes on errors - DIGEST-MD5 plugin: + Correctly send \"stale\" directive to prevent clients from (re)promtping for password + Better handling of HTTP reauthentication cases + fixed some memory leaks - SASLDB plugin: + Added support for BerkleyDB 5.X or later - OTP plugin: + Removed calling of EVP_cleanup() on plugin shutdown in order to prevent TLS from failing in calling applications - SRP plugin: + Removed calling of EVP_cleanup() on plugin shutdown in order to prevent TLS from failing in calling applications - saslauthd: + auth_rimap.c: qstring incorrectly appending the closing double quote, which might be causing crashes + auth_rimap.c: read the whole IMAP greeting + better error reporting from some drivers + fixed some memory leaks- New BuildRequires for pkgconfig since pkgconfig file is generated- Removed patches that do no longer apply
* cyrus-sasl-gcc4.patch (integrated upstream)
* cyrus-sasl-gs2-not-overwrite-minor-error-code.dif (integrated upstream)
* gssapi-null-deref.dif (integrated upstream)
* Fix-abort_if_no_fqdn-behavior.patch (integrated upstream)
* cyrus-sasl-db6.diff (integrated upstream)- Move
*.so files into devel package
* Fri Jul 26 2013 obsAATTbotter.cc- Fix for bnc#827230 and #784705, fix patch as described in [#827230], typo in patch from request 112480 (remove rpath, Apr 4 2012), preventing sql auxprop plugin to work
* Fri Jun 14 2013 jengelhAATTinai.de- Add cyrus-sasl-db6.diff to fix compile abort with db >= 5- Simpler delete of .la files with find
* Mon Aug 13 2012 rhaferAATTsuse.de- Include fix for Cyrus SASL Bug#3589: When abort_if_no_fqdn is 0, a getaddrinfo failure should be ignored, as long as gethostname() succeeded. (bnc#771983)
* Wed May 09 2012 crrodriguezAATTopensuse.org- Ensure libraries and tools are built with LFS and include config.h in all C files.
* Wed Apr 04 2012 dvaleevAATTsuse.com- remove rpath
* Wed Jan 18 2012 ajAATTsuse.de- Move some doc files to devel package and to cyrus-sasl-saslauthd.
* Fri Nov 25 2011 rhaferAATTsuse.de- Removed debug printfs from cyrus-sasl.dif, added by accident- Updated cyrus-sasl-gs2-not-overwrite-minor-error-code.dif with latest upstream improvements
* Wed Nov 16 2011 rhaferAATTsuse.de- Update to 2.1.25:
* Added support for channel bindings
* Added support for ordering SASL mechanisms by strength (on the client side), or using the \"client_mech_list\" option.
* Allow DIGEST-MD5 plugin to be used for client-side and server-side HTTP Digest, including running over non-persistent connections (RFC 2617)
* New SASL plugins: SCRAM and GS2
* Fixed a crash caused by aborted SASL authentication and initiation of another one using the same SASL context.
* Various improvements to DIGEST-MD5 to improve interoperability with some slightly broken clients- cleanup
* removed old dependencies still related to cyrus-sasl2
* plugins now depend on the exact cyrus-sasl version
* use autoreconf instead of calling all tools manually
* Fri Sep 30 2011 cooloAATTsuse.com- add libtool as buildrequire to make the spec file more reliable
* Sun Sep 18 2011 jengelhAATTmedozas.de- Remove redundant tags/sections from specfile
* Mon Jun 28 2010 jengelhAATTmedozas.de- use %_smp_mflags
* Mon Jun 07 2010 cooloAATTnovell.com- add dependency to avoid broken parallel make
* Mon May 10 2010 rhaferAATTnovell.com- Fixed attributes of /var/run/sasl2 in filelist
* Wed Apr 28 2010 rhaferAATTnovell.com- Removed the /var/run/sasl2 directory from cyrus-sasl.spec. It will now be created on demand by the saslauthd init script.- Adjusted init script headers to silence rpmlint warning/errors.
* Mon Dec 14 2009 jengelhAATTmedozas.de- add baselibs.conf as a source
* Mon Nov 23 2009 rhaferAATTnovell.com- Fixed linker arguments for ldap- and sql-auxprop plugins (bnc#555568)
* Mon Jul 20 2009 cooloAATTnovell.com- build against krb5-mini to avoid build cycle
* Fri May 15 2009 rhaferAATTnovell.com- Update to 2.1.23, the only change is a fix for a potential buffer overflow in sasl_encode64() (bnc#499104, CVE-2009-0688)- Imported some automake/libtool fixes from upstream cvs
* Mon Mar 02 2009 crrodriguezAATTsuse.de- fix build with GCC 4.4- remove all \"la\" files
* Wed Dec 10 2008 olhAATTsuse.de- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade (bnc#437293)
* Thu Oct 30 2008 olhAATTsuse.de- obsolete old -XXbit packages (bnc#437293)
* Mon Aug 18 2008 rhaferAATTsuse.de- Fixed init-scripts Required-Stop Tags
* Tue Jul 29 2008 rhaferAATTsuse.de- Enhance sysconfig file and init script to allow to pass arbitrary parameters to saslauthd (bnc#397808)- Fixed description of the SASLAUTHD_THREADS sysconfig option.
* Thu Apr 10 2008 roAATTsuse.de- added baselibs.conf file to build xxbit packages for multilib support
* Fri Mar 28 2008 rhaferAATTsuse.de- Moved \"Version:\" up to the top to make versioned Obsoletes/Requires work correctly.
* Wed Mar 26 2008 rhaferAATTsuse.de- Enabled NTLM authentication plugin (bnc#343665), created new subpackage cyrus-sasl-ntlm- Replaced %run_ldconfig macro as suggested by rpmlint- Replaced unversioned Obsoltes/Provides with versioned ones- Removed unneeded Split-Provides
* Fri Oct 26 2007 rhaferAATTsuse.de- Fixed some RPMLINT complaints- re-enabled accidently disabled \"kerberos5\" authmech for saslauthd (Bug #335754)
* Tue Mar 20 2007 rhaferAATTsuse.de- Add SASLAUTHD_THREADS to /etc/sysconfig/saslauthd to be able to set the number of threads that saslauthd should spawn (Bug #199114)
* Fri Oct 27 2006 rhaferAATTsuse.de- Use /etc/sasl2/ as directory for config files of services %{_libdir} can still be used for backwards compatibilty (Bug #206414)
* Mon Sep 25 2006 rhaferAATTsuse.de- Remove unneeded automake/autoheader calls
* Mon Sep 11 2006 rhaferAATTsuse.de- Build -sqlauxprop from cyrus-sasl-saslauthd.spec to reduce BuildRequires of cyrus-sasl.spec- Removed unneeded openldap2 from BuildRequires of cyrus-sasl-saslauthd
* Tue Aug 29 2006 rhaferAATTsuse.de- Enabled the ldapdb auxprop plugin and created new subpackage cyrus-sasl-ldap-auxprop for it (Bug #201478)
* Fri Aug 25 2006 rhaferAATTsuse.de- remove saslauthd man-page from cyrus-sasl package to solve confict with -saslauthd subpackage (Bug #200490)
* Fri Jun 02 2006 rhaferAATTsuse.de- updated to 2.1.22
* new pluginviewer utility for reporting information about client and server side authentication plugins and auxprop plugins (e.g. supported features, methods, etc.).
* Added support for HTTP POST password validation in saslauthd- rename SuSE.tar.gz to cyrus-sasl-rc.tar.gz to avoid name collision with other packages in src.rpm (Bug #98188)- include \"crypt.h\" in auth_shadow.c to avoid possible crash in saslauthd (Bug #179621)
* Mon Apr 03 2006 rhaferAATTsuse.de- remove dlcompat-20010505 from tarball because of legal risk and documented this in README.Source (Bug: #161390)- added check for dlcompat-20010505 to the spec file
* Wed Jan 25 2006 mlsAATTsuse.de- converted neededforbuild to BuildRequires
* Wed Nov 23 2005 choegerAATTsuse.de- Bugfix ID#134491, cyrus-sasl-sqlauxprop is not linked against any database
* Sun Sep 25 2005 roAATTsuse.de- added LDAP_DEPRECATED to CFLAGS
* Wed Jul 13 2005 choegerAATTsuse.de- use /dev/urandom instead of /dev/random, see http://acs-wiki.andrew.cmu.edu/twiki/bin/view/Cyrus/POP3DevRandomIssue for an explanation- removed the useless .la files from rpm
* Tue May 17 2005 choegerAATTsuse.de- update to version 2.1.21
* Mon Mar 14 2005 choegerAATTsuse.de- now also build the sql auxprop plugin; created new subpackage cyrus-sasl-sqlauxprop
* Fri Feb 25 2005 uliAATTsuse.de- better GCC4 fix
* Fri Feb 25 2005 uliAATTsuse.de- fixed to build with GCC4
* Tue Nov 02 2004 mmjAATTsuse.de- Get rid of .cvsignore files- Don\'t remove buildroot before install
* Mon Oct 25 2004 choegerAATTsuse.de- update to version 2.1.20
* Wed Oct 06 2004 choegerAATTsuse.de- Bugfix ID#46847 - VUL-0: SASL environment variable local root
* Mon Sep 20 2004 choegerAATTsuse.de- package binaries of sample-client and -server instead of shell wrappers (which do not work)
* Fri Sep 17 2004 choegerAATTsuse.de- removed saslauthd from cyrus-sasl requires, as it is only needed on a \"server\" side and also not in every case (buildin mechanisms as CRAM- or DIGEST-MD5 do not need it)- added split-provides for saslauthd
* Mon Sep 06 2004 choegerAATTsuse.de- added testsaslauthd to filelist- removed saslauthd and insserv makros from cyrus-sasl.spec
* Fri Sep 03 2004 choegerAATTsuse.de- splitted up cyrus-sasl-saslauthd.spec, to resolve the cyclic dependency openldap2 <-> cyrus-sasl with saslauthd having LDAP support
* Tue Aug 31 2004 choegerAATTsuse.de- removed update messages and implemented \"split-provides\" instead
* Tue Aug 31 2004 choegerAATTsuse.de- added LDAP support for saslauthd, Bugzilla ID#44051
* Mon Aug 30 2004 choegerAATTsuse.de- Bugfix Bugzilla ID#44346 - still using /var/adm/notify now using new update messages mechanism- added sample/client sample/server to file list
* Thu Jul 15 2004 choegerAATTsuse.de- update to version 2.1.19
* Tue Jun 15 2004 choegerAATTsuse.de- bugfix id#39245 - cyrus-sasl includes straycat man page
* Fri Mar 12 2004 choegerAATTsuse.de- update to version 2.1.18 (Bugfix Release)
* Tue Jan 27 2004 choegerAATTsuse.de- Bugfix ID#34159 - cyrus-sasl: world-writeable rpath
* Thu Jan 22 2004 choegerAATTsuse.de- Bugfix Bugzilla ID#34019, notice users about the fact, that cyrus-sasl has been splitted into subpackages
* Fri Jan 16 2004 kukukAATTsuse.de- Add pam-devel to neededforbuild
* Tue Dec 02 2003 choegerAATTsuse.de- update to version 2.1.17
* Fri Oct 31 2003 choegerAATTsuse.de- Don\'t build as root
* Fri Oct 17 2003 kukukAATTsuse.de- Remove unused des from neededforbuild
* Tue Sep 16 2003 kukukAATTsuse.de- Add missing Provides [Bug #31005]
* Mon Sep 01 2003 choegerAATTsuse.de- removed \"-u root\" from startproc as it always failes- removed link to doc/components.html from doc/index.html as components.html does not exist (Bugzilla ID#29253)
* Thu Aug 14 2003 choegerAATTsuse.de- Bugfix Bugzilla ID#28932: missing activation metadata in sysconfig template
* Wed Jul 30 2003 choegerAATTsuse.de- new macros for stop/restart of services on rpm update/removal
* Tue Jul 15 2003 choegerAATTsuse.de- update to version 2.1.15
* Mon Jun 30 2003 choegerAATTsuse.de- update to version 2.1.14
* Wed Jun 18 2003 roAATTsuse.de- use kerberos-devel-packages in neededforbuild
* Fri Jun 13 2003 kukukAATTsuse.de- Add missing directory to filelist
* Fri May 09 2003 choegerAATTsuse.de- use -ldb instead of -ldb-x.y to manually link the dbconverter
* Tue May 06 2003 choegerAATTsuse.de- update to version 2.1.13
* Tue Apr 15 2003 roAATTsuse.de- added krb4-lib,krb4-devel to neededforbuild
* Mon Apr 07 2003 choegerAATTsuse.de- renamed to cyrus-sasl- splitted libraries for the following auth methods into seperate packages: - crammd5 - digestmd5 - otp - plain this is to prevent from annoying warnings about missing proper setup of mechanisms we don\'t use
* Thu Mar 06 2003 choegerAATTsuse.de- ever used dbconverter-2? Well it is just a shell script which uses the damn compiled source tree... :-( manually building dbconverter to let users convert their /etc/sasldb from v1 to v2 using /usr/sbin/dbconverter
* Thu Mar 06 2003 choegerAATTsuse.de- as cyrus-sasl is dropped now: provide cyrus-sasl-
*, obsolete cyrus-sasl-
* (Bugzilla ID# 24762)
* Tue Feb 04 2003 choegerAATTsuse.de- update to cyrus-sasl-2.1.12, bug-fix release. This release addresses a few minor build and distribution related issues
* Mon Feb 03 2003 choegerAATTsuse.de- update to cyrus-sasl-2.1.11, bug-fix release. It addresses a number of issues in the build system, a memory leak in the doors IPC method for saslauthd, and fixes the NTLM server side support to only require one of the LM or NT methods.
* Thu Jan 23 2003 choegerAATTsuse.de- don\'t use new libtool macros as cyrus-sasl2 seems to not work when using them.- added patch to compile shared libraries on ppc
* Wed Jan 15 2003 kukukAATTsuse.de- Remove openldap2 from needed for build
* Tue Jan 14 2003 choegerAATTsuse.de- do not build the static library anymore
* Wed Dec 11 2002 choegerAATTsuse.de- added sysconfig metadata to sysconfig templates
* Tue Dec 10 2002 choegerAATTsuse.de- update to version 2.1.10 This version corrects a number of DIGEST-MD5 interoperability issues, as well as corrects some potential buffer overflows.
* Wed Oct 30 2002 roAATTsuse.de- make it build again
* Tue Oct 29 2002 roAATTsuse.de- remove own libtool macros
* Thu Oct 24 2002 choegerAATTsuse.de- update to latest version 2.1.9
* Thu Sep 12 2002 choegerAATTsuse.de- Bugfix Bugzilla ID#19383: cyrus-sasl-devel should conflict with cyrus-sasl2-devel, because they contain files with the same name
* Mon Aug 19 2002 rhaferAATTsuse.de- enabled building of the static libsasl.a. It is needed for cyrus-imap to be usable with nss_ldap (which is linked against cyrus-sasl1)
* Mon Aug 12 2002 choegerAATTsuse.de- update to version 2.1.7
* Thu Aug 08 2002 choegerAATTsuse.de- added .la files to the sasl2 plugin directory ([lt_]dlopen seems to need that)
* Mon Aug 05 2002 choegerAATTsuse.de- added Prereq
* Sat Jul 27 2002 adrianAATTsuse.de- add %run_ldconfig
* Wed Jul 17 2002 choegerAATTsuse.de- update to version 2.1.6
* Wed Jun 19 2002 choegerAATTsuse.de- also install dbconverter-2 to be able to migrate from cyrus-sasl(1)
* Tue Jun 18 2002 choegerAATTsuse.de- /var/run/sasl2 must be 755 to let non root daemons connect to unix socket
* Tue Jun 18 2002 choegerAATTsuse.de- added initscript and sysconfig file for saslauthd- added docs
* Tue Jun 18 2002 rhaferAATTsuse.de- added opie to needforbuild- should build on ppc64 and s390x now
* Mon Jun 17 2002 rhaferAATTsuse.de- additional autoconf related patches, that were missing at first check in
* Mon Jun 17 2002 rhaferAATTsuse.de- Initial checkin of cyrus-sasl-2.1.5
 
ICM