cyrus-sasl2-mit 2.1.19-1.1 source package in Ubuntu
Changelog
cyrus-sasl2-mit (2.1.19-1.1) unstable; urgency=emergency * NMU * resync to cyrus-sasl2 2.1.19-1.5): * SECURITY FIX: SASL_PATH environment variable must not be honoured on setuid environments, otherwise we have a local privilege escalation exploit (CVE: CAN-2004-0884), related advisories: RHSA-2004:546-02; GLSA 200410-05 (closes: #276865) * upstream CVS: lib/common.c: don't honor SASL_PATH in setuid environment. from Gentoo (CVE CAN-2004-0884); * Fix to upstream CVS security fix: initialize *path = NULL * upstream CVS: plugins/kerberos4.c: document weirdness with openssl DES * upstream CVS: plugins/cram.c,plugins/anonymous.c,plugins/login.c, plugins/plain.c,plugins/sasldb.c: Fixed several 64 bit portability warnings * Forward port sasl_set_alloc locking patch from SASL 1.5, to avoid problems with the braindead idea of globals SASL has, and with libraries that think they can get around mucking with them (hello openldap!) * Add Build-Conflicts: autoconf2.13, automake1.4 -- Henrique de Moraes Holschuh <email address hidden> Sun, 17 Oct 2004 00:43:17 -0300
Upload details
- Uploaded by:
- Ubuntu Archive Auto-Sync
- Uploaded to:
- Hoary
- Original maintainer:
- Sam Hartman
- Architectures:
- any
- Section:
- devel
- Urgency:
- Critically Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
cyrus-sasl2-mit_2.1.19-1.1.dsc | 963 bytes | ceb7d6a4a20fe5db841306da3756f1afffaa899d7827528d8426d66a5483f6d1 |
cyrus-sasl2-mit_2.1.19.orig.tar.gz | 1.5 MiB | 20f2ff09f46f1c2a3902d796825932be40dac190cd28668d8953eb7400ccab5c |
cyrus-sasl2-mit_2.1.19-1.1.diff.gz | 28.3 KiB | 8f5fc3e9e413ebd0a8e8c92344da20428db96924085d56398bd55a8c6bafb48d |
No changes file available.
Binary packages built by this source
- libsasl2-gssapi-mit: No summary available for libsasl2-gssapi-mit in ubuntu breezy.
No description available for libsasl2-gssapi-mit in ubuntu breezy.
- libsasl2-krb4-mit: No summary available for libsasl2-krb4-mit in ubuntu breezy.
No description available for libsasl2-krb4-mit in ubuntu breezy.