PR/41023 CVS commit: pkgsrc/security/courier-authlib

To: jlam%NetBSD.org@localhost, gnats-admin%netbsd.org@localhost, pkgsrc-bugs%netbsd.org@localhost, bughunting%xs4all.nl@localhost
Subject: PR/41023 CVS commit: pkgsrc/security/courier-authlib
From: OBATA Akio <obache%netbsd.org@localhost>
Date: Thu, 2 Jul 2009 12:35:02 +0000 (UTC)

The following reply was made to PR pkg/41023; it has been noted by GNATS.

From: OBATA Akio <obache%netbsd.org@localhost>
To: gnats-bugs%gnats.NetBSD.org@localhost
Cc: 
Subject: PR/41023 CVS commit: pkgsrc/security/courier-authlib
Date: Thu, 2 Jul 2009 12:23:44 +0000

 Module Name:   pkgsrc
 Committed By:  obache
 Date:          Thu Jul  2 12:23:44 UTC 2009

 Modified Files:
        pkgsrc/security/courier-authlib: Makefile PLIST distinfo
        pkgsrc/security/courier-authlib/patches: patch-aa patch-ab

 Log Message:
 Update courier-authlib to 0.62.2.
 Include security fix for CVE-2008-2380 and requested by PR#41023
 (approved by wiz@).

 0.62.2

 This release corrects a makefile compatibility problem with bash 4.

 0.62.1

 This release correct a couple of minor compiler warnings and errors.

   * cryptpassword.c: Fix compiler warnings

   * checkpasswordsha1.c: Fix compiler warnings.

   * authldaplib.c (auth_ldap_enumerate): Fix typo.

 0.62.0

 This release adds support for additional hash functions, and an
 update to the Postgres driver that removes potentional SQL injection
 vulnerabilities in some circumstances.

   * authpgsqllib.c: Use PQescapeStringConn() instead of removing all
     apostrophes from query parameters. This fixes a potential SQL injection
     vulnerability if the Postgres database uses a non-Latin locale.

   * Added support for {SSHA}-encrypted passwords. Based on a patch
     by Zou bin <zb%bisp.com@localhost>.

   * Added support for {SHA512} hash function

 To generate a diff of this commit:
 cvs rdiff -u -r1.32 -r1.33 pkgsrc/security/courier-authlib/Makefile
 cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/courier-authlib/PLIST
 cvs rdiff -u -r1.12 -r1.13 pkgsrc/security/courier-authlib/distinfo
 cvs rdiff -u -r1.6 -r1.7 pkgsrc/security/courier-authlib/patches/patch-aa
 cvs rdiff -u -r1.5 -r1.6 pkgsrc/security/courier-authlib/patches/patch-ab

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

Prev by Date: Re: pkg/41023 (Outdated, and vulnerable, security/courier-authlib package in pkgsrc-current)
Next by Date: pkg/41664: misc/openoffice3 build failure (NetBSD 4.0)
Previous by Thread: Re: pkg/41504 (x11/xscreensaver fails with "Undefined PLT symbol")
Next by Thread: pkg/41664: misc/openoffice3 build failure (NetBSD 4.0)
Indexes:

Home | Main Index | Thread Index | Old Index