CVS commit: pkgsrc/security/courier-authlib

[OBATA Akio <obache%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   obache
Date:           Thu Jul  2 12:23:44 UTC 2009

Modified Files:
        pkgsrc/security/courier-authlib: Makefile PLIST distinfo
        pkgsrc/security/courier-authlib/patches: patch-aa patch-ab

Log Message:
Update courier-authlib to 0.62.2.
Include security fix for CVE-2008-2380 and requested by PR#41023
(approved by wiz@).

0.62.2

This release corrects a makefile compatibility problem with bash 4.

0.62.1

This release correct a couple of minor compiler warnings and errors.

  * cryptpassword.c: Fix compiler warnings

  * checkpasswordsha1.c: Fix compiler warnings.

  * authldaplib.c (auth_ldap_enumerate): Fix typo.

0.62.0

This release adds support for additional hash functions, and an
update to the Postgres driver that removes potentional SQL injection
vulnerabilities in some circumstances.

  * authpgsqllib.c: Use PQescapeStringConn() instead of removing all
    apostrophes from query parameters. This fixes a potential SQL injection
    vulnerability if the Postgres database uses a non-Latin locale.

  * Added support for {SSHA}-encrypted passwords. Based on a patch
    by Zou bin <zb%bisp.com@localhost>.

  * Added support for {SHA512} hash function


To generate a diff of this commit:
cvs rdiff -u -r1.32 -r1.33 pkgsrc/security/courier-authlib/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/courier-authlib/PLIST
cvs rdiff -u -r1.12 -r1.13 pkgsrc/security/courier-authlib/distinfo
cvs rdiff -u -r1.6 -r1.7 pkgsrc/security/courier-authlib/patches/patch-aa
cvs rdiff -u -r1.5 -r1.6 pkgsrc/security/courier-authlib/patches/patch-ab

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.