Navigation:
Browse pkgsrc
(this page)
security gsasl
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ]| 2023-11-08 14:21:43 by Thomas Klausner | Files touched by this commit (2377) |
Log message: *: recursive bump for icu 74.1 |
| 2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message: *: bump for openssl 3 |
2023-04-19 10:12:01 by Adam Ciarcinski | Files touched by this commit (2359) |  |
Log message: revbump after textproc/icu update |
| 2022-10-26 12:32:08 by Thomas Klausner | Files touched by this commit (687) |
Log message: *: bump PKGREVISION for libunistring shlib major bump |
| 2022-07-17 10:24:53 by Thomas Klausner | Files touched by this commit (4) | |
Log message: gsasl: update to 2.0.1. * Noteworthy changes in release 2.0.1 (2022-07-15) [stable] ** Support for the libgssglue GSS-API library were added. We encourage you to build with libgssglue, as that allows system administrators and end-users to chose between MIT Kerberos, Heimdal and GNU GSS during run-time. Read about the background here: https://blog.josefsson.org/2022/07/14/towards-pluggable-gss-api-modules/ ** GSSAPI client: don't use AUTHID as fallback for AUTHZID. The code historically used the AUTHID as authorization identity, but in 2012 we changed it to first query for AUTHZID, and only if that is not available, fall back to using AUTHID as the authorization identity. The change was not released until version 1.8.1 on 2019-08-02, when it was properly documented to be removed 'after the year 2012'. While documented behaviour, this seems like just surprising behaviour and we now finally make the change. ** GSSAPI server: don't set AUTHZID to empty string when absent. The GSS-API SASL protocol does not differentiate between an absent authorization identity and an authorization identity that is the empty string. Previously libgsasl would set it to the empty string but now it is set to NULL. The manual explains that this is a protocol limitation. ** The examples/smtp-server.c now supports GSSAPI/GS2-KRB5. The example is used during CI/CD testing of GNU SASL and thus it made sense to extend it. Some bugs related to getline error conditions were also fixed. ** GSSAPI server: Fix out-of-bounds read. A malicious client can after it has authenticated with Kerberos send a specially crafted message that causes Libgsasl to read out of bounds and cause a crash in the server. * Noteworthy changes in release 2.0.0 (2022-06-20) [stable] ** Compared to last stable branch 1.10.x the 2.0.0 release ** drops all obsolete APIs, drops the abandoned KERBEROS_V5 mechanism, ** stops shipping a separate tarball for only the library, adds new APIs ** gsasl_mechanism_name_p() and gsasl_property_free(). Numerous other translation improvements, code cleanups, bug fixes, documentation additions, build improvements and portability enhancements were made as well. |
| 2021-12-08 17:07:18 by Adam Ciarcinski | Files touched by this commit (3063) |
Log message: revbump for icu and libffi |
| 2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605) |
Log message: security: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Unfetchable distfiles (fetched conditionally?): ./security/cyrus-sasl/distinfo \ cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2 |
| 2021-10-21 09:46:39 by Thomas Klausner | Files touched by this commit (77) |
Log message: *: recursive bump for heimdal 7.7.0 its buildlink3.mk now includes openssl's buildlink3.mk |
New packages: