1 | cyrus-sasl2-mit (2.1.22.dfsg1-0debathena2) unstable; urgency=low |
---|
2 | |
---|
3 | * Depend libsasl2-2 instead of libsasl2. |
---|
4 | * Section: debathena/libs. |
---|
5 | |
---|
6 | -- Anders Kaseorg <andersk@mit.edu> Tue, 17 Jul 2007 14:34:25 -0400 |
---|
7 | |
---|
8 | cyrus-sasl2-mit (2.1.22.dfsg1-0debathena1) unstable; urgency=low |
---|
9 | |
---|
10 | * Update to 2.1.22.dfsg1. |
---|
11 | * Only build the kerberos4 plugin. |
---|
12 | |
---|
13 | -- Anders Kaseorg <andersk@mit.edu> Sun, 28 Jan 2007 20:57:27 -0500 |
---|
14 | |
---|
15 | cyrus-sasl2-mit (2.1.19.dfsg1-1) unstable; urgency=low |
---|
16 | |
---|
17 | * Resync with 2.1.19.dfsg1-0.2 |
---|
18 | * Note that the MIT packages do not install digest-md5 so CVE 2006-1721 |
---|
19 | does not apply |
---|
20 | |
---|
21 | -- Sam Hartman <hartmans@debian.org> Sun, 30 Apr 2006 00:49:39 -0400 |
---|
22 | |
---|
23 | cyrus-sasl2-mit (2.1.19-2) unstable; urgency=low |
---|
24 | |
---|
25 | * Sync with 2.1.19-1.7 |
---|
26 | - Includes fix for FTBFS, Closes: #285613 |
---|
27 | * Include NMU from 2.1.19-1.1 |
---|
28 | * Disable gssapi library mutexes as we no longer need them. |
---|
29 | |
---|
30 | -- Sam Hartman <hartmans@debian.org> Fri, 16 Dec 2005 22:01:06 -0500 |
---|
31 | |
---|
32 | cyrus-sasl2-mit (2.1.19-1.1) unstable; urgency=emergency |
---|
33 | |
---|
34 | * NMU |
---|
35 | * resync to cyrus-sasl2 2.1.19-1.5): |
---|
36 | * SECURITY FIX: SASL_PATH environment variable must not be honoured on |
---|
37 | setuid environments, otherwise we have a local privilege escalation |
---|
38 | exploit (CVE: CAN-2004-0884), related advisories: RHSA-2004:546-02; |
---|
39 | GLSA 200410-05 (closes: #276865) |
---|
40 | * upstream CVS: lib/common.c: don't honor SASL_PATH in setuid |
---|
41 | environment. from Gentoo (CVE CAN-2004-0884); |
---|
42 | * Fix to upstream CVS security fix: initialize *path = NULL |
---|
43 | * upstream CVS: plugins/kerberos4.c: document weirdness with openssl DES |
---|
44 | * upstream CVS: plugins/cram.c,plugins/anonymous.c,plugins/login.c, |
---|
45 | plugins/plain.c,plugins/sasldb.c: Fixed several 64 bit portability |
---|
46 | warnings |
---|
47 | * Forward port sasl_set_alloc locking patch from SASL 1.5, to avoid |
---|
48 | problems with the braindead idea of globals SASL has, and with libraries |
---|
49 | that think they can get around mucking with them (hello openldap!) |
---|
50 | * Add Build-Conflicts: autoconf2.13, automake1.4 |
---|
51 | |
---|
52 | -- Henrique de Moraes Holschuh <hmh@debian.org> Sun, 17 Oct 2004 00:43:17 -0300 |
---|
53 | |
---|
54 | cyrus-sasl2-mit (2.1.19-1) unstable; urgency=high |
---|
55 | |
---|
56 | * Resync with cyrus-sasl2 2.1.19-1.1 |
---|
57 | * Urgency = high to keep up with to 2.1.19-1.1 |
---|
58 | * This should really go into testing exactly when 2.1.19-1.1 does for |
---|
59 | all the same reasons |
---|
60 | * Depend on libsasl2 >=2.1.19 |
---|
61 | |
---|
62 | -- Sam Hartman <hartmans@mit.edu> Fri, 20 Aug 2004 14:43:50 -0400 |
---|
63 | |
---|