cyrus-sasl2 2.1.27+dfsg-2ubuntu0.1 source package in Ubuntu
Changelog
cyrus-sasl2 (2.1.27+dfsg-2ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: SQL injection in SQL plugin
- debian/patches/CVE-2022-24407.patch: escape password for SQL
insert/update commands in plugins/sql.c.
- CVE-2022-24407
-- Marc Deslauriers <email address hidden> Tue, 15 Feb 2022 15:03:43 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Focal | updates | main | devel | |
| Focal | security | main | devel |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| cyrus-sasl2_2.1.27+dfsg.orig.tar.xz | 2.0 MiB | 108b0c691c423837264f05abb559ea76c3dfdd91246555e8abe87c129a6e37cd |
| cyrus-sasl2_2.1.27+dfsg-2ubuntu0.1.debian.tar.xz | 98.4 KiB | 3302921c83bc99cebffaf696e7dc7cba78d355370c1810bf7a06b1977e2db63b |
| cyrus-sasl2_2.1.27+dfsg-2ubuntu0.1.dsc | 3.4 KiB | a0e031776b7c378921dc8ea5ba4244f75804e9b7ea8cadd579febf7a87a9bac3 |
Available diffs
Binary packages built by this source
- cyrus-sasl2-doc: Cyrus SASL - documentation
This is the Cyrus SASL API implementation, version 2.1. See package
libsasl2-2 and RFC 2222 for more information.
.
This package contains documentation for system administrators.
- libsasl2-2: Cyrus SASL - authentication abstraction library
This is the Cyrus SASL API implementation, version 2.1.
.
SASL is the Simple Authentication and Security Layer, a method for
adding authentication support to connection-based protocols. To use
SASL, a protocol includes a command for identifying and
authenticating a user to a server and for optionally negotiating
protection of subsequent protocol interactions. If its use is
negotiated, a security layer is inserted between the protocol and the
connection. See RFC 2222 for more information.
.
Any of: ANONYMOUS, CRAM-MD5, DIGEST-MD5, GSSAPI (MIT or Heimdal
Kerberos 5), NTLM, OTP, PLAIN, or LOGIN can be used.
- libsasl2-2-dbgsym: debug symbols for libsasl2-2
- libsasl2-dev: Cyrus SASL - development files for authentication abstraction library
This is the Cyrus SASL API implementation, version 2. See package
libsasl2-2 and RFC 2222 for more information.
.
This package includes development files for compiling programs with SASL
support. It is needed for development purposes only.
- libsasl2-modules: Cyrus SASL - pluggable authentication modules
This is the Cyrus SASL API implementation, version 2.1. See package
libsasl2-2 and RFC 2222 for more information.
.
This package provides the following SASL modules: LOGIN, PLAIN, ANONYMOUS,
NTLM, CRAM-MD5, and DIGEST-MD5 (with DES support).
- libsasl2-modules-db: Cyrus SASL - pluggable authentication modules (DB)
This is the Cyrus SASL API implementation, version 2.1. See package
libsasl2-2 and RFC 2222 for more information.
.
This package provides the DB plugin, which supports Berkeley DB lookups.
- libsasl2-modules-db-dbgsym: debug symbols for libsasl2-modules-db
- libsasl2-modules-dbgsym: debug symbols for libsasl2-modules
- libsasl2-modules-gssapi-heimdal: Pluggable Authentication Modules for SASL (GSSAPI)
This is the Cyrus SASL API implementation, version 2.1. See package
libsasl2-2 and RFC 2222 for more information.
.
This package provides the GSSAPI plugin, compiled with the Heimdal
Kerberos 5 library.
- libsasl2-modules-gssapi-heimdal-dbgsym: debug symbols for libsasl2-modules-gssapi-heimdal
- libsasl2-modules-gssapi-mit: Cyrus SASL - pluggable authentication modules (GSSAPI)
This is the Cyrus SASL API implementation, version 2.1. See package
libsasl2-2 and RFC 2222 for more information.
.
This package provides the GSSAPI plugin, compiled with the MIT
Kerberos 5 library.
- libsasl2-modules-gssapi-mit-dbgsym: debug symbols for libsasl2-modules-gssapi-mit
- libsasl2-modules-ldap: Cyrus SASL - pluggable authentication modules (LDAP)
This is the Cyrus SASL API implementation, version 2.1. See package
libsasl2-2 and RFC 2222 for more information.
.
This package provides the LDAP plugin, which supports OpenLDAP.
- libsasl2-modules-ldap-dbgsym: debug symbols for libsasl2-modules-ldap
- libsasl2-modules-otp: Cyrus SASL - pluggable authentication modules (OTP)
This is the Cyrus SASL API implementation, version 2.1. See package
libsasl2-2 and RFC 2222 for more information.
.
This package provides the OTP plugin, which supports one time passwords.
- libsasl2-modules-otp-dbgsym: debug symbols for libsasl2-modules-otp
- libsasl2-modules-sql: Cyrus SASL - pluggable authentication modules (SQL)
This is the Cyrus SASL API implementation, version 2.1. See package
libsasl2-2 and RFC 2222 for more information.
.
This package provides the SQL plugin, which supports MySQL, PostgreSQL
and SQLite.
- libsasl2-modules-sql-dbgsym: debug symbols for libsasl2-modules-sql
- sasl2-bin: Cyrus SASL - administration programs for SASL users database
This is the Cyrus SASL API implementation, version 2.1. See package
libsasl2-2 and RFC 2222 for more information.
.
This package contains administration programs for the SASL users
database and common binary files for plugin modules.
- sasl2-bin-dbgsym: debug symbols for sasl2-bin
