-
Committer:
Bazaar Package Importer
-
Author(s):
Martin Pitt
-
Date:
2006-04-24 11:58:30 UTC
-
Revision ID:
james.westby@ubuntu.com-20060424115830-yisaords2tg9dxxf
Tags: 2.1.19.dfsg1-0.1ubuntu2
* SECURITY UPDATE: Remote DoS with crafted realms during DIGEST-MD5
negotiation.
* Add debian/patches/27_upstream_cvs_digest-md5-crash.diff:
- plugins/digestmd5.c: Check that the provided realm is valid to avoid
crash.
- Patch taken from upstream CVS, fixed upstream in 2.1.21:
https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/
plugins/digestmd5.c.diff?r1=1.173&r2=1.175&f=u
* CVE-2006-1721