SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for cyrus-sasl-ldap-auxprop-bdb-2.1.28-157.9.x86_64.rpm :

* Mon Nov 06 2023 dimstarAATTopensuse.org- Fix build with RPM 4.19: unnumbered patches are no longer supported.
* Thu May 04 2023 dimstarAATTopensuse.org- Add _multibuild to define 2nd spec file as additional flavor. Eliminates the need for source package links in OBS.
* Mon Jan 23 2023 dmuellerAATTsuse.com- drop optional opie dependency
* Wed Dec 07 2022 dimstarAATTopensuse.org- Do not set directories inside doc/ mode 644; otherwise the directories are set 644 as well, which means no files inside are accessible. This resulted in the past in doc/ actually not being added to the devel package.
* Wed Mar 09 2022 dmuellerAATTsuse.com- update to 2.1.28 (bsc#1196036, CVE-2022-24407):
* https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28- drop cyrus-sasl-bug587.patch (upstream)
* Mon Jan 31 2022 dmuellerAATTsuse.com- cyrus-sasl: prevent fail of %pre when berkely db utils are not installed (seems like we want to use this only for upgrade so no Prereq added)- move license to licensedir- remove use of RPM_BUILD_ROOT- minimal spec cleanups- avoid bashisms
* Thu Jan 13 2022 varkolyAATTsuse.com- postfix: sasl authentication with password fails (bsc#1194265) Add config parameter --with-dblib=gdbm- Avoid converting of /etc/sasldb2 by every update. Convert /etc/sasldb2 only if it is a Berkeley DB
* Thu Feb 25 2021 varkolyAATTsuse.com- Fix build: Do not build libsasl2-3 in the bdb package. This will not be linked to berkely db. libsasl2-3 is now defined as %BuildRequires and %Requires
* Fri Jan 08 2021 varkolyAATTsuse.com- CVE-2020-8032: cyrus-sasl: Local privilege escalation to root due to insecure tmp file usage. (bsc#1180669) Use /var/adm/update-scripts/ instead of /tmp. Clean up temporary files.
* Tue Dec 08 2020 varkolyAATTsuse.com- Remove Berkeley DB dependency (JIRA#SLE-12190) The packages cyrus-sasl and cyrus-sasl-saslauthd are built without Berkely DB support. gdbm will be used instead of BDB. The packages cyrus-sasl-bdb and cyrus-sasl-saslauthd-bdb are built with Berkely DB support.- Update to 2.1.27
* Added support for OpenSSL 1.1
* Added support for lmdb
* Lots of build fixes
* Treat SCRAM and DIGEST-MD5 as more secure than PLAIN when selecting client mech
* DIGEST-MD5 plugin: Fixed memory leaks Fixed a segfault when looking for non-existent reauth cache Prevent client from going from step 3 back to step 2 Allow cmusaslsecretDIGEST-MD5 property to be disabled
* GSSAPI plugin: Added support for retrieving negotiated SSF Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF Properly compute maxbufsize AFTER security layers have been set
* SCRAM plugin: Added support for SCRAM-SHA-256
* LOGIN plugin: Don’t prompt client for password until requested by server
* NTLM plugin: Fixed crash due to uninitialized HMAC context- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- bsc#983938 `After=syslog.target` left-overs in several unit files- added patches: fix_libpq-fe_include.diff for fixing including libpq-fe.h- removed patches obsoleted by upstream changes:
* shared_link_on_ppc.patch
* cyrus-sasl-2.1.27-openssl-1.1.0.patch
* 0002-Drop-unused-parameter-from-gssapi_spnego_ssf.patch
* 0003-Check-return-error-from-gss_wrap_size_limit.patch
* 0004-Add-support-for-retrieving-the-mech_ssf.patch
* 0001-Fix-GSS-SPNEGO-mechanism-s-incompatible-behavior.patch
* cyrus-sasl-fix-logging-in-gssapi.patch
* Thu Feb 06 2020 scabreroAATTsuse.de- Added support for retrieving negotiated SSF in gssapi plugin (bsc#1162518)
* Add 0002-Drop-unused-parameter-from-gssapi_spnego_ssf.patch
* Add 0003-Check-return-error-from-gss_wrap_size_limit.patch
* Add 0004-Add-support-for-retrieving-the-mech_ssf.patch- Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF (bsc#1162518)
* Add 0001-Fix-GSS-SPNEGO-mechanism-s-incompatible-behavior.patch
* Thu Nov 28 2019 michaelAATTstroeder.com- added backport-patch cyrus-sasl-bug587.patch which fixes off-by-one error in _sasl_add_string function (see CVE-2019-19906 bsc#1159635)
* Mon Feb 04 2019 varkolyAATTsuse.com- bnc#1044840 syslog is polluted with messages \"GSSAPI client step 1\" By server context the connection will be sent to the log function. Client content does not have log level information. I.e. there is no way to stop DEBUG level logs nece I\'ve removed it.
* add cyrus-sasl-fix-logging-in-gssapi.patch
* Mon Sep 04 2017 vcizekAATTsuse.com- OpenSSL 1.1 support (bsc#1055463)
* add cyrus-sasl-2.1.27-openssl-1.1.0.patch from Fedora
* Wed Mar 22 2017 michaelAATTstroeder.com- added cyrus-sasl-issue-402.patch to fix SASL GSSAPI mechanism acceptor wrongly returns zero maxbufsize #402 (see https://github.com/cyrusimap/cyrus-sasl/issues/402)
* Tue Mar 07 2017 varkolyAATTsuse.com- bnc#1026825 saslauthd: :set_auth_mech : unknown authentication mechanism: kerberos5
* Wed Dec 09 2015 bwiedemannAATTsuse.com- really use SASLAUTHD_PARAMS variable (bnc#938657)
* Tue Jan 06 2015 varkolyAATTsuse.com- bnc#908883 cyrus-sasl-scram refers to wrong RFC
* Thu Nov 27 2014 jengelhAATTinai.de- Make sure /usr/sbin/rcsaslauthd exists
* Tue Sep 23 2014 varkolyAATTsuse.com- bnc#897837 saslauthd package has no config
* Tue Jul 29 2014 sfalkenAATTopensuse.org- Changed --with-saslauthd=/var/run/sasl2 in %build to /run/sasl2 to clear rpmlint check failure
* Sat Jul 19 2014 p.drouandAATTgmail.com- Remove insserv dependency; it\'s unneeded with systemd\' systems- Remove insserv and fillup dependency in cyrus-sasl package; there is neither sysconfig or init file
* Fri Jun 13 2014 ckornackerAATTsuse.com- Revert upstream commit 080e51c7fa0421eb2f0210d34cf0ac48a228b1e9 cyrus-sasl-revert_gssapi_flags.patch (bnc#775279)
* Tue Apr 01 2014 varkolyAATTsuse.com- bnc#871183 - cyrus-sasl-saslauthd service file is missing parameter \'Restart=always\'
* Sat Nov 02 2013 jengelhAATTinai.de- Implement shlib packaging guidelines: make subpackage libsasl2-3. (All other .so files are _server_ plugins AFAICS, loaded via dlopen.)- Ensure directories are owned by packages and thus get torn down on package removal
* Sat Oct 05 2013 tchvatalAATTsuse.com- Put back the .so files to sasl auth packages from devel file. The .so files are read by some application instead of full path so in order for auth to work this files must be available
* Sun Sep 29 2013 tittiatcokeAATTgmail.com- Add patch fix-sasl-header.diff to resolve build issues that are failing due to typedef \'sasl_malloc_t\' is initialized. (see gentoo#458870, fedora#906519)
* Wed Sep 11 2013 jcnengelAATTgmail.com- Removed server side service to comply with Factory rules
* Tue Sep 03 2013 jcnengelAATTgmail.com- Update to 2.1.26
* Modernize SASL malloc/realloc callback prototypes
* Added sasl_config_done() to plug a memory leak when using an application specific config file
* Fixed PLAIN/LOGIN authentication failure when using saslauthd with no auxprop plugins (bug # 3590).
* unlock the mutex in sasl_dispose if the context was freed by another thread
* MINGW32 compatibility patches
* Fixed broken logic in get_fqhostname() when abort_if_no_fqdn is 0
* Fixed some memory leaks in libsasl - GSSAPI plugin: + Fixed a segfault in gssapi.c introduced in 2.1.25. + Code refactoring + Added support for GSS-SPNEGO SASL mechanism (Unix only), which is also HTTP capable - GS2 plugin: + Updated GS2 plugin not to lose minor GSS-API status codes on errors - DIGEST-MD5 plugin: + Correctly send \"stale\" directive to prevent clients from (re)promtping for password + Better handling of HTTP reauthentication cases + fixed some memory leaks - SASLDB plugin: + Added support for BerkleyDB 5.X or later - OTP plugin: + Removed calling of EVP_cleanup() on plugin shutdown in order to prevent TLS from failing in calling applications - SRP plugin: + Removed calling of EVP_cleanup() on plugin shutdown in order to prevent TLS from failing in calling applications - saslauthd: + auth_rimap.c: qstring incorrectly appending the closing double quote, which might be causing crashes + auth_rimap.c: read the whole IMAP greeting + better error reporting from some drivers + fixed some memory leaks- New BuildRequires for pkgconfig since pkgconfig file is generated- Removed patches that do no longer apply
* cyrus-sasl-gcc4.patch (integrated upstream)
* cyrus-sasl-gs2-not-overwrite-minor-error-code.dif (integrated upstream)
* gssapi-null-deref.dif (integrated upstream)
* Fix-abort_if_no_fqdn-behavior.patch (integrated upstream)
* cyrus-sasl-db6.diff (integrated upstream)- Move
*.so files into devel package
* Fri Jul 26 2013 obsAATTbotter.cc- Fix for bnc#827230 and #784705, fix patch as described in [#827230], typo in patch from request 112480 (remove rpath, Apr 4 2012), preventing sql auxprop plugin to work
* Fri Jun 14 2013 jengelhAATTinai.de- Add cyrus-sasl-db6.diff to fix compile abort with db >= 5- Simpler delete of .la files with find
* Mon Aug 13 2012 rhaferAATTsuse.de- Include fix for Cyrus SASL Bug#3589: When abort_if_no_fqdn is 0, a getaddrinfo failure should be ignored, as long as gethostname() succeeded. (bnc#771983)
* Wed May 09 2012 crrodriguezAATTopensuse.org- Ensure libraries and tools are built with LFS and include config.h in all C files.
* Wed Apr 04 2012 dvaleevAATTsuse.com- remove rpath
* Wed Jan 18 2012 ajAATTsuse.de- Move some doc files to devel package and to cyrus-sasl-saslauthd.
* Fri Nov 25 2011 rhaferAATTsuse.de- Removed debug printfs from cyrus-sasl.dif, added by accident- Updated cyrus-sasl-gs2-not-overwrite-minor-error-code.dif with latest upstream improvements
* Wed Nov 16 2011 rhaferAATTsuse.de- Update to 2.1.25:
* Added support for channel bindings
* Added support for ordering SASL mechanisms by strength (on the client side), or using the \"client_mech_list\" option.
* Allow DIGEST-MD5 plugin to be used for client-side and server-side HTTP Digest, including running over non-persistent connections (RFC 2617)
* New SASL plugins: SCRAM and GS2
* Fixed a crash caused by aborted SASL authentication and initiation of another one using the same SASL context.
* Various improvements to DIGEST-MD5 to improve interoperability with some slightly broken clients- cleanup
* removed old dependencies still related to cyrus-sasl2
* plugins now depend on the exact cyrus-sasl version
* use autoreconf instead of calling all tools manually
* Fri Sep 30 2011 cooloAATTsuse.com- add libtool as buildrequire to make the spec file more reliable
* Sun Sep 18 2011 jengelhAATTmedozas.de- Remove redundant tags/sections from specfile
* Mon Jun 28 2010 jengelhAATTmedozas.de- use %_smp_mflags
* Mon Jun 07 2010 cooloAATTnovell.com- add dependency to avoid broken parallel make
* Mon May 10 2010 rhaferAATTnovell.com- Fixed attributes of /var/run/sasl2 in filelist
* Wed Apr 28 2010 rhaferAATTnovell.com- Removed the /var/run/sasl2 directory from cyrus-sasl.spec. It will now be created on demand by the saslauthd init script.- Adjusted init script headers to silence rpmlint warning/errors.
* Mon Dec 14 2009 jengelhAATTmedozas.de- add baselibs.conf as a source
* Mon Nov 23 2009 rhaferAATTnovell.com- Fixed linker arguments for ldap- and sql-auxprop plugins (bnc#555568)
* Mon Jul 20 2009 cooloAATTnovell.com- build against krb5-mini to avoid build cycle
* Fri May 15 2009 rhaferAATTnovell.com- Update to 2.1.23, the only change is a fix for a potential buffer overflow in sasl_encode64() (bnc#499104, CVE-2009-0688)- Imported some automake/libtool fixes from upstream cvs
* Mon Mar 02 2009 crrodriguezAATTsuse.de- fix build with GCC 4.4- remove all \"la\" files
 
ICM