cyrus-sasl: 2.1.27 -> 2.1.28

2022-02-23 15:18:14 +01:00 · 2022-02-23 15:18:14 +01:00 · 097d22fc71
commit 097d22fc71
parent 0752294207
4 changed files with 8 additions and 30 deletions
--- a/cyrus-sasl/.footprint
+++ b/cyrus-sasl/.footprint
@ -108,6 +108,7 @@ drwxr-xr-x	root/root	usr/share/man/man8/
 -rw-r--r--	root/root	usr/share/man/man8/saslauthd.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/sasldblistusers2.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/saslpasswd2.8.gz
+-rw-r--r--	root/root	usr/share/man/man8/testsaslauthd.8.gz
 drwxr-xr-x	root/root	var/
 drwxr-xr-x	root/root	var/sasl/
 drwxr-xr-x	root/root	var/sasl/saslauthd/
--- a/cyrus-sasl/.signature
+++ b/cyrus-sasl/.signature
@ -1,7 +1,6 @@
 untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/WCAxjvVm+3v1QF6tMY8S+ibORY3di+ejGLNAzpv5tGi+/R/EWL+kG4PdJWTEbDUsQi7eJFy51c170/McvSLMwY=
-SHA256 (Pkgfile) = e5b4b96b850a3230f6aac2d11fb519a26fe60579a0eee4a031a35237a0ddda52
-SHA256 (.footprint) = e4e77c95f7485a0b84ae04ce6db392db6aa362e706da3a52ca28f95b97ca6abd
-SHA256 (cyrus-sasl-2.1.27.tar.gz) = 26866b1549b00ffd020f188a43c258017fa1c382b3ddadd8201536f72efb05d5
+RWSE3ohX2g5d/cLF6PAs4a8IC/IKwH7fJHpj4CZ0602Z4LXEx6p4ZJKUyObJSouOtmRyqq66hK9JAPm7qW7tYjZgYJKBg0ha/Ak=
+SHA256 (Pkgfile) = 505e022716d04d973d7ced3c62ea842246254c98757d4b8f63ae8f2e53a93c91
+SHA256 (.footprint) = 7e53348cb8daee90e323eb8a6ccb8f6b035a967177b620732a936d1321994730
+SHA256 (cyrus-sasl-2.1.28.tar.gz) = 7ccfc6abd01ed67c1a0924b353e526f1b766b21f42d4562ee635a8ebfc5bb38c
 SHA256 (saslauthd) = 2a96dca868261d5275087ed8e1eef59946f47c6d35797368710c3037f46e61bd
-SHA256 (cyrus-sasl-2.1.27-CVE-2019-19906.patch) = 7744ae3fd2a9f62a7fa7ba58604dc78d982cfe8f9b740a94dcfd9672ce00bfa8
--- a/cyrus-sasl/Pkgfile
+++ b/cyrus-sasl/Pkgfile
@ -4,16 +4,14 @@
 # Depends on: db openssl linux-pam

 name=cyrus-sasl
-version=2.1.27
-release=2
+version=2.1.28
+release=1
 source=(https://github.com/cyrusimap/$name/releases/download/$name-$version/$name-$version.tar.gz
-  saslauthd cyrus-sasl-2.1.27-CVE-2019-19906.patch)
+  saslauthd)

 build() {
  cd $name-$version

-  patch -p1 -i $SRC/cyrus-sasl-2.1.27-CVE-2019-19906.patch
-
  ./configure \
      --prefix=/usr \
      --sysconfdir=/etc/sasl \
--- a/cyrus-sasl/cyrus-sasl-2.1.27-CVE-2019-19906.patch
+++ b/cyrus-sasl/cyrus-sasl-2.1.27-CVE-2019-19906.patch
@ -1,20 +0,0 @@
-Description: CVE-2019-19906: Off-by-one in _sasl_add_string function
-Origin: vendor
-Bug: https://github.com/cyrusimap/cyrus-sasl/issues/587
-Bug-Debian: https://bugs.debian.org/947043
-Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-19906
-Author: Stephan Zeisberg <stephan@srlabs.de>
-Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
-Last-Update: 2019-12-19
-
--- a/lib/common.c
-+++ b/lib/common.c
-@@ -190,7 +190,7 @@ int _sasl_add_string(char **out, size_t
- 
-   if (add==NULL) add = "(null)";
- 
-  addlen=strlen(add); /* only compute once */
-+  addlen=strlen(add)+1; /* only compute once */
-   if (_buf_alloc(out, alloclen, (*outlen)+addlen)!=SASL_OK)
-     return SASL_NOMEM;
-