← Back to branch summary

~ubuntu-branches/ubuntu/hoary/cyrus-sasl2-mit/hoary

~ubuntu-branches/ubuntu/hoary/cyrus-sasl2-mit/hoary

« back to all changes in this revision

Viewing changes to debian/patches/08_mutex.diff

Committer: Bazaar Package Importer
Author(s): Henrique de Moraes Holschuh
Date: 2004-10-17 00:43:17 UTC
mfrom: (1.1.1 upstream)
Revision ID: james.westby@ubuntu.com-20041017004317-bw00ccnnc5n3lykg

Tags: 2.1.19-1.1

http://bugs.debian.org/276865

* NMU
* resync to cyrus-sasl2 2.1.19-1.5):
  * SECURITY FIX: SASL_PATH environment variable must not be honoured on
    setuid environments, otherwise we have a local privilege escalation
    exploit (CVE: CAN-2004-0884), related advisories: RHSA-2004:546-02;
    GLSA 200410-05 (closes: #276865)
    * upstream CVS: lib/common.c: don't honor SASL_PATH in setuid
      environment. from Gentoo (CVE CAN-2004-0884);
    * Fix to upstream CVS security fix: initialize *path = NULL
  * upstream CVS: plugins/kerberos4.c: document weirdness with openssl DES
  * upstream CVS: plugins/cram.c,plugins/anonymous.c,plugins/login.c,
    plugins/plain.c,plugins/sasldb.c: Fixed several 64 bit portability
    warnings
  * Forward port sasl_set_alloc locking patch from SASL 1.5, to avoid
    problems with the braindead idea of globals SASL has, and with libraries
    that think they can get around mucking with them (hello openldap!)
  * Add Build-Conflicts: autoconf2.13, automake1.4

files added:
cyrus-sasl-2.1.19.tar.gz

debian/13_libdb42_autotools.diff

debian/patches/12_pr245818.diff

debian/patches/13_libdb42_autotools.diff

debian/patches/14_manpages_section.diff

debian/patches/20_2368_sasl_upstream_cvs.diff

debian/patches/20_2369_sasl_upstream_cvs.diff

debian/patches/20_2370_sasl_upstream_cvs.diff

debian/patches/20_2371_sasl_upstream_cvs.diff

debian/patches/20_2372_sasl_upstream_cvs.diff

debian/patches/20_2373_sasl_upstream_cvs.diff

debian/patches/21_237x_1_sasl_upstream_cvs.diff

debian/patches/21_237x_2_sasl_upstream_cvs.diff

debian/patches/21_237x_3_sasl_upstream_cvs.diff

debian/patches/22_237x_3_sasl_upstream_cvs-FIX.diff

p

p/02_versioned_symbols.diff

p/05_dbconverter.diff

p/06_testsuite.diff

p/11_remove_rpath.diff

files removed:
cyrus-sasl-2.1.18.tar.gz

debian/patches/07_libtool.diff

files modified:
debian/changelog

debian/control

debian/patches/00_strict-aliasing.diff

debian/patches/01_maintainer_mode.diff

debian/patches/02_versioned_symbols.diff

debian/patches/03_saslauthd_mdoc.diff

debian/patches/04_missing_man_pages.diff

debian/patches/05_dbconverter.diff

debian/patches/06_testsuite.diff

debian/patches/08_mutex.diff

debian/patches/09_postgres_header.diff

debian/patches/10_fix_sasldb.al.diff

debian/patches/11_remove_rpath.diff

debian/rules

debian/sasl2-bin.init

Show diffs side-by-side

added added

removed removed

debian/patches/08_mutex.diff

1

diff -urN cyrus-sasl-2.1.18/lib/common.c cyrus-sasl-2.1.18.new/lib/common.c

2

--- cyrus-sasl-2.1.18/lib/common.c 2004-03-10 15:51:35.000000000 +0000

3

+++ cyrus-sasl-2.1.18.new/lib/common.c 2004-03-20 21:58:39.000000000 +0000

1

diff -urN cyrus-sasl-2.1.19/lib/common.c cyrus-sasl-2.1.19.new/lib/common.c

2

--- cyrus-sasl-2.1.19/lib/common.c 2004-03-10 15:51:35.000000000 +0000

3

+++ cyrus-sasl-2.1.19.new/lib/common.c 2004-03-20 21:58:39.000000000 +0000

4

4

@@ -440,7 +440,7 @@

5

5

result = sasl_canonuser_add_plugin("INTERNAL", internal_canonuser_init);

6

6

if(result != SASL_OK) return result;

Older »