Navigation:
Browse pkgsrc
(this page)| 2024-04-24 14:46:59 by Jonathan Perkin | Files touched by this commit (1) |
Log message: cyrus-sasl: Remove some outdated text from MESSAGE. Some users found this text confusing and ended up trying to put config files in the very directory we were telling them not to, e.g. https://github.com/TritonDataCenter/pkgsrc/issues/378. This text was added almost 7 years ago, so we can be pretty confident that users have migrated past this change by now. |
| 2022-06-28 13:38:00 by Thomas Klausner | Files touched by this commit (3952) |
Log message: *: recursive bump for perl 5.36 |
2022-02-24 12:00:04 by Thomas Klausner | Files touched by this commit (14) |  |
Log message:
cyrus-sasl: update to 2.1.28
New in 2.1.28
build:
configure - Restore LIBS after checking gss_inquire_sec_context_by_oid
makemd5.c - Fix potential out of bound writes
fix build with –disable-shared –enable-static
Dozens of fixes for Windows specific builds
Fix cross platform builds with SPNEGO
Do not try to build broken java subtree
Fix build error with –enable-auth-sasldb
common:
plugin_common.c:
Ensure size is always checked if called repeatedly (#617)
documentation:
Fixed generation of saslauthd(8) man page
Fixed installation of saslauthd(8) and testsaslauthd(8) man pages (#373)
Updates for additional SCRAM mechanisms
Fix sasl_decode64 and sasl_encode64 man pages
Tons of fixes for Sphinx
include:
sasl.h:
Allow up to 16 bits for security flags
lib:
checkpw.c:
Skip one call to strcat
Disable auxprop-hashed (#374)
client.c:
Use proper length for fully qualified domain names
common.c:
CVE-2019-19906 Fix off by one error (#587)
external.c:
fix EXTERNAL with non-terminated input (#689)
saslutil.c:
fix index_64 to be a signed char (#619)
plugins:
gssapi.c:
Emit debug log only in case of errors
ntlm.c:
Fail compile if MD4 is not available (#632)
sql.c:
Finish reading residual return data (#639)
CVE-2022-24407 Escape password for SQL insert/update commands.
sasldb:
db_gdbm.c:
fix gdbm_errno overlay from gdbm_close
DIGEST-MD5 plugin:
Prevent double free of RC4 context
Use OpenSSL RC4 implementation if available
SCRAM plugin:
Return BADAUTH on incorrect password (#545)
Add -224, -384, -512 (#552)
Remove SCRAM_HASH_SIZE
Add function to return SCRAM auth method name
Allocate enough memory in scam_setpass()
Add function to sort SCRAM methods by hash strength
Update windows build for newer SCRAM options
saslauthd:
auth_httpform.c:
Avoid signed overflow with non-ascii characters (#576)
auth_krb5.c:
support setting an explicit auth_krb5 server name
support setting an explicit servername with Heimdal
unify the MIT and Heimdal auth_krb5 implementations
Remove call to krbtf
auth_rimap.c:
provide native memmem implementation if missing
lak.c:
Allow LDAP_OPT_X_TLS_REQUIRE_CERT to be 0 (no certificate verification)
lak.h:
Increase supported DN length to 4096 (#626)
|
| 2021-12-20 20:41:45 by Greg Troxel | Files touched by this commit (1) |
Log message: cyrus-sasl: Extend DESCR to mention plugins |
| 2021-11-15 19:12:45 by Thomas Klausner | Files touched by this commit (1) |
Log message: cyrus-sasl: use BLAKE2s Remove checksums for file that is commented out in Makefile |
| 2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606) |
Log message: security: Remove SHA1 hashes for distfiles |
| 2021-05-24 21:56:06 by Thomas Klausner | Files touched by this commit (3575) |
Log message: *: recursive bump for perl 5.34 |
| 2020-05-14 16:31:16 by Nia Alarie | Files touched by this commit (3) |
Log message: cyrus-sasl: Resolve some pkglint warnings |
| 2020-05-14 16:27:32 by Nia Alarie | Files touched by this commit (3) |
Log message: cyrus-sasl: Fix CVE-2019-19906 |
| 2020-05-13 06:35:56 by Roland Illig | Files touched by this commit (1) |
Log message: security/cyrus-sasl: suppress USE_TOOLS+=perl warning |
New packages: