Re: Cyrus SASL 2.1.23 Released

To: pkgsrc-users%netbsd.org@localhost
Subject: Re: Cyrus SASL 2.1.23 Released
From: "OBATA Akio" <obache%netbsd.org@localhost>
Date: Fri, 15 May 2009 08:43:13 +0900

I've updated cyrus-sasl to 2.1.23 in pkgsrc-HEAD.

On release announcement:

> I'd like to announce the release of Cyrus SASL 2.1.23 on
> ftp.andrew.cmu.edu.  This version includes a fix for a potential buffer
> overflow in sasl_encode64() (see http://www.kb.cert.org/vuls/id/238019),
> otherwise it is identical to 2.1.22.  Please note that while this fixes
> vulnerable code, non-vulnerable code may break if the buffer passed to
> sasl_encode64() is the exact size of the encoded data and doesn't
> include space for the trailing NUL.

If it broke pkgsrc's packages, please report to upstream and/or here(or 
send-pr).

-- 
"Of course I love NetBSD":-)
OBATA Akio / obache%NetBSD.org@localhost

Prev by Date: Re: emulators/suse100_base on NetBSD-5/amd64 broken?
Next by Date: Re: less can't read from a pipe on AIX
Previous by Thread: net/p5-NetPacket needs to know that it uses Module::Build
Next by Thread: AIX ld vs. graphics/netpbm
Indexes:

Home | Main Index | Thread Index | Old Index