ports/opt (3.7): cyrus-sasl: 2.1.27 -> 2.1.28
commit 097d22fc716673ead00eca7277049cf21151dd2a Author: Tim Biermann <tbier@posteo.de> Date: Wed Feb 23 15:18:14 2022 +0100 cyrus-sasl: 2.1.27 -> 2.1.28 diff --git a/cyrus-sasl/.footprint b/cyrus-sasl/.footprint index a6bb9a344..f56cf3460 100644 --- a/cyrus-sasl/.footprint +++ b/cyrus-sasl/.footprint @@ -108,6 +108,7 @@ drwxr-xr-x root/root usr/share/man/man8/ -rw-r--r-- root/root usr/share/man/man8/saslauthd.8.gz -rw-r--r-- root/root usr/share/man/man8/sasldblistusers2.8.gz -rw-r--r-- root/root usr/share/man/man8/saslpasswd2.8.gz +-rw-r--r-- root/root usr/share/man/man8/testsaslauthd.8.gz drwxr-xr-x root/root var/ drwxr-xr-x root/root var/sasl/ drwxr-xr-x root/root var/sasl/saslauthd/ diff --git a/cyrus-sasl/.signature b/cyrus-sasl/.signature index 423aadd18..18bd116a5 100644 --- a/cyrus-sasl/.signature +++ b/cyrus-sasl/.signature @@ -1,7 +1,6 @@ untrusted comment: verify with /etc/ports/opt.pub -RWSE3ohX2g5d/WCAxjvVm+3v1QF6tMY8S+ibORY3di+ejGLNAzpv5tGi+/R/EWL+kG4PdJWTEbDUsQi7eJFy51c170/McvSLMwY= -SHA256 (Pkgfile) = e5b4b96b850a3230f6aac2d11fb519a26fe60579a0eee4a031a35237a0ddda52 -SHA256 (.footprint) = e4e77c95f7485a0b84ae04ce6db392db6aa362e706da3a52ca28f95b97ca6abd -SHA256 (cyrus-sasl-2.1.27.tar.gz) = 26866b1549b00ffd020f188a43c258017fa1c382b3ddadd8201536f72efb05d5 +RWSE3ohX2g5d/cLF6PAs4a8IC/IKwH7fJHpj4CZ0602Z4LXEx6p4ZJKUyObJSouOtmRyqq66hK9JAPm7qW7tYjZgYJKBg0ha/Ak= +SHA256 (Pkgfile) = 505e022716d04d973d7ced3c62ea842246254c98757d4b8f63ae8f2e53a93c91 +SHA256 (.footprint) = 7e53348cb8daee90e323eb8a6ccb8f6b035a967177b620732a936d1321994730 +SHA256 (cyrus-sasl-2.1.28.tar.gz) = 7ccfc6abd01ed67c1a0924b353e526f1b766b21f42d4562ee635a8ebfc5bb38c SHA256 (saslauthd) = 2a96dca868261d5275087ed8e1eef59946f47c6d35797368710c3037f46e61bd -SHA256 (cyrus-sasl-2.1.27-CVE-2019-19906.patch) = 7744ae3fd2a9f62a7fa7ba58604dc78d982cfe8f9b740a94dcfd9672ce00bfa8 diff --git a/cyrus-sasl/Pkgfile b/cyrus-sasl/Pkgfile index 2b77ea4ae..795c06fe8 100644 --- a/cyrus-sasl/Pkgfile +++ b/cyrus-sasl/Pkgfile @@ -4,16 +4,14 @@ # Depends on: db openssl linux-pam name=cyrus-sasl -version=2.1.27 -release=2 +version=2.1.28 +release=1 source=(https://github.com/cyrusimap/$name/releases/download/$name-$version/$name-$v... - saslauthd cyrus-sasl-2.1.27-CVE-2019-19906.patch) + saslauthd) build() { cd $name-$version - patch -p1 -i $SRC/cyrus-sasl-2.1.27-CVE-2019-19906.patch - ./configure \ --prefix=/usr \ --sysconfdir=/etc/sasl \ diff --git a/cyrus-sasl/cyrus-sasl-2.1.27-CVE-2019-19906.patch b/cyrus-sasl/cyrus-sasl-2.1.27-CVE-2019-19906.patch deleted file mode 100644 index 82b9e1fb6..000000000 --- a/cyrus-sasl/cyrus-sasl-2.1.27-CVE-2019-19906.patch +++ /dev/null @@ -1,20 +0,0 @@ -Description: CVE-2019-19906: Off-by-one in _sasl_add_string function -Origin: vendor -Bug: https://github.com/cyrusimap/cyrus-sasl/issues/587 -Bug-Debian: https://bugs.debian.org/947043 -Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-19906 -Author: Stephan Zeisberg <stephan@srlabs.de> -Reviewed-by: Salvatore Bonaccorso <carnil@debian.org> -Last-Update: 2019-12-19 - ---- a/lib/common.c -+++ b/lib/common.c -@@ -190,7 +190,7 @@ int _sasl_add_string(char **out, size_t - - if (add==NULL) add = "(null)"; - -- addlen=strlen(add); /* only compute once */ -+ addlen=strlen(add)+1; /* only compute once */ - if (_buf_alloc(out, alloclen, (*outlen)+addlen)!=SASL_OK) - return SASL_NOMEM; -
participants (1)
-
crux@crux.nu