lp:ubuntu/gutsy/cyrus-sasl2-mit
- Get this branch:
- bzr branch lp:ubuntu/gutsy/cyrus-sasl2-mit
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 5. By Sam Hartman
-
* Resync with 2.1.19.dfsg1-0.2
* Note that the MIT packages do not install digest-md5 so CVE 2006-1721
does not apply - 4. By Sam Hartman
-
* Sync with 2.1.19-1.7
- Includes fix for FTBFS, Closes: #285613
* Include NMU from 2.1.19-1.1
* Disable gssapi library mutexes as we no longer need them. - 3. By Henrique de Moraes Holschuh
-
* NMU
* resync to cyrus-sasl2 2.1.19-1.5):
* SECURITY FIX: SASL_PATH environment variable must not be honoured on
setuid environments, otherwise we have a local privilege escalation
exploit (CVE: CAN-2004-0884), related advisories: RHSA-2004:546-02;
GLSA 200410-05 (closes: #276865)
* upstream CVS: lib/common.c: don't honor SASL_PATH in setuid
environment. from Gentoo (CVE CAN-2004-0884);
* Fix to upstream CVS security fix: initialize *path = NULL
* upstream CVS: plugins/kerberos4. c: document weirdness with openssl DES
* upstream CVS: plugins/cram.c, plugins/ anonymous. c,plugins/ login.c,
plugins/plain.c, plugins/ sasldb. c: Fixed several 64 bit portability
warnings
* Forward port sasl_set_alloc locking patch from SASL 1.5, to avoid
problems with the braindead idea of globals SASL has, and with libraries
that think they can get around mucking with them (hello openldap!)
* Add Build-Conflicts: autoconf2.13, automake1.4
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)