-
cyrus-sasl2 (2.1.26.dfsg1-13ubuntu0.1) vivid-security; urgency=medium
* SECURITY UPDATE: denial of service via invalid salt
- debian/patches/CVE-2013-4122.patch: properly handle glibc returning
NULL on an invalid salt in pwcheck/pwcheck_getpwnam.c,
pwcheck/pwcheck_getspnam.c, saslauthd/auth_getpwent.c,
saslauthd/auth_shadow.c.
- CVE-2013-4122
-- Marc Deslauriers <email address hidden> Fri, 25 Sep 2015 12:44:49 -0400
-
cyrus-sasl2 (2.1.26.dfsg1-13) unstable; urgency=medium
* Shutdown down the write side of the socket and wait for the client to
close the connection (0 byte read) before closing the server side
(Closes: #777349) (Courtesy of Kees Cook)
-- Ondřej Surý <email address hidden> Mon, 09 Mar 2015 14:21:23 +0100
-
cyrus-sasl2 (2.1.26.dfsg1-12) unstable; urgency=medium
* Add patch to fix login to dovecot imapd 2.x (Closes: #715040)
-- Ondřej Surý <email address hidden> Fri, 17 Oct 2014 14:41:06 +0200
-
cyrus-sasl2 (2.1.26.dfsg1-11) unstable; urgency=medium
* Create libsasl2.pc from Makefile for proper substitions
(Closes: #754066)
-- Ondřej Surý <email address hidden> Fri, 11 Jul 2014 10:59:23 +0200
