-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 14 Aug 2004 13:04:38 -0300
Source: cyrus-sasl2
Binary: libsasl2 libsasl2-modules-sql sasl2-bin libsasl2-modules libsasl2-dev libsasl2-modules-gssapi-heimdal libsasl2-modules-kerberos-heimdal
Architecture: source i386
Version: 2.1.19-1.1
Distribution: unstable
Urgency: medium
Maintainer: Dima Barsky <dima@debian.org>
Changed-By: Henrique de Moraes Holschuh <hmh@debian.org>
Description:
 libsasl2 - Authentication abstraction library
 libsasl2-dev - Development files for authentication abstraction library
 libsasl2-modules - Pluggable Authentication Modules for SASL
 libsasl2-modules-gssapi-heimdal - Pluggable Authentication Modules for SASL
 libsasl2-modules-kerberos-heimdal - Pluggable Authentication Modules for SASL
 libsasl2-modules-sql - Pluggable Authentication Modules for SASL
 sasl2-bin - Programs for manipulating the SASL users database
Closes: 202836 242184 245818 248333 256808 262339
Changes:
 cyrus-sasl2 (2.1.19-1.1) unstable; urgency=medium
 .
   * NMU with permission from the maintainer
   * Release Manager: SASL 2.1.18 (currently in sarge) is very unusable.
     Please accept this upload for sarge. The main reasons justifying
     this are:
     * Security fixes from upstream: at least one buffer overflow was
       plugged in 2.1.19, and the code was made more secure, which may
       have plugged other latent security bugs.
     * Essential feature: 2.1.18 has a very bad regression in that
       saslauthd cannot support realms embedded inside the username as
       previous versions did. However, that regression is exactly how it
       should be behaving since day one, never mind that too many setups
       are hopeless with the realm information out-of-band.
       2.1.19 adds a "-r" option to saslauthd which restores the former
       behaviour. Both behaviours are needed, depending on the SASL mechs
       being used (one sends the realm out-of-band, the other in-band).
       Users have complained loudly about this issue, not only in Debian,
       but in the SASL and Cyrus IMAP mailing lists as well. For way too
       many people and setups, "-r" is essential.
     * Essential bug fixes: Digest-MD5 and GSSAPI are quite broken in
       2.1.18, and extensive fixes were applied on them in 2.1.19. In
       fact, 2.1.18 GSSAPI does _not_ work completely right against
       Heimdal and MIT Kerberos.
     * ABI version issue: the 2.1.19-1 Debian package was uploaded to
       _unstable_ before the freeze. Maybe because of that, the maintainer
       did upgrade the shlibs dependency to 2.1.19 (I have confirmed that
       to be required for SASL modules, so it appears to be really
       required). Packages built in _unstable_ since then are being held
       back due to this issue. The best fix for packages that use libsasl2
       *is* getting this new version into sarge, due to all other fixes.
   * Bugs closed in 2.1.19-1, but not acknowledged before:
     * Fix FTBFS in hppa, due to broken libtool usage, thanks to
       Steve Langasek for the patch (closes: #245818)
     * 2.1.19 supports saslauthd "-r" option (closes: #248333, #256808)
   * Changes in this NMU:
     * upstream CVS: plugins/digestmd5.c: Fix handling of client realm
       callback
     * upstream CVS: plugins/gssapi.c: Memory management cleanup
     * upstream CVS: configure.in, plugins/gssapi.c: Wrap all GSS calls in
       mutexes when required by the implementation (closes: #202836)
       THIS PATCH PROBABLY SHOULD BE SET TO DISABLED BY DEFAULT WHEN
       MIT KERBEROS 1.3.5 ENTERS UNSTABLE
       (see https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=2255)
     * Libtool is refreshed at every build, so this upload closes: #262339
     * debian/control: build-depend on debhelper (>= 4)
     * debian/control: build-depend on libtool (>= 1.5.6) instead of
       (>= 1.5.2-1)
     * Fix initscript to return status 0 if stop called when daemon is
       already stopped (closes: #242184)
Files:
 0e575c5ccb0c4ce0b534d81c78071547 1062 devel important cyrus-sasl2_2.1.19-1.1.dsc
 b0300d23682d9b70573637471a018fc5 25845 devel important cyrus-sasl2_2.1.19-1.1.diff.gz
 e265fc81110bdd8e043db7625ee93502 112276 utils important sasl2-bin_2.1.19-1.1_i386.deb
 4c406d61da5ccf78bfb3681b24778233 155392 libs important libsasl2-modules_2.1.19-1.1_i386.deb
 802ed026d8cd76cb1340adad3b2ad254 50478 libs optional libsasl2-modules-sql_2.1.19-1.1_i386.deb
 cba51fb1127d30a3c59742f6320bf0c9 52510 libs optional libsasl2-modules-gssapi-heimdal_2.1.19-1.1_i386.deb
 90bcd98138e91453982b09cd41dad1ed 52198 libs optional libsasl2-modules-kerberos-heimdal_2.1.19-1.1_i386.deb
 ff6062fbd46846751754b75f87fc0520 257506 libs important libsasl2_2.1.19-1.1_i386.deb
 4766e04a0d9e4ba31523e3b313cb8fcd 245244 libdevel optional libsasl2-dev_2.1.19-1.1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBH5oW7iXePxzbD+MRAmqrAJ9ab9vXiRde7XVsvwH8DaUxPIEVEgCgj9hx
Mf8AxqcZDulPKgCnxeDyDb4=
=ct5c
-----END PGP SIGNATURE-----

Accepted:
cyrus-sasl2_2.1.19-1.1.diff.gz
  to pool/main/c/cyrus-sasl2/cyrus-sasl2_2.1.19-1.1.diff.gz
cyrus-sasl2_2.1.19-1.1.dsc
  to pool/main/c/cyrus-sasl2/cyrus-sasl2_2.1.19-1.1.dsc
libsasl2-dev_2.1.19-1.1_i386.deb
  to pool/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.1_i386.deb
libsasl2-modules-gssapi-heimdal_2.1.19-1.1_i386.deb
  to pool/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.1_i386.deb
libsasl2-modules-kerberos-heimdal_2.1.19-1.1_i386.deb
  to pool/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.1_i386.deb
libsasl2-modules-sql_2.1.19-1.1_i386.deb
  to pool/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.1_i386.deb
libsasl2-modules_2.1.19-1.1_i386.deb
  to pool/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.1_i386.deb
libsasl2_2.1.19-1.1_i386.deb
  to pool/main/c/cyrus-sasl2/libsasl2_2.1.19-1.1_i386.deb
sasl2-bin_2.1.19-1.1_i386.deb
  to pool/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.1_i386.deb