pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/courier-authlib Update courier-authlib to 0.6...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/f12885c317f2
branches:  trunk
changeset: 560874:f12885c317f2
user:      obache <obache%pkgsrc.org@localhost>
date:      Thu Jul 02 12:23:44 2009 +0000

description:
Update courier-authlib to 0.62.2.
Include security fix for CVE-2008-2380 and requested by PR#41023
(approved by wiz@).

0.62.2

This release corrects a makefile compatibility problem with bash 4.

0.62.1

This release correct a couple of minor compiler warnings and errors.

  * cryptpassword.c: Fix compiler warnings

  * checkpasswordsha1.c: Fix compiler warnings.

  * authldaplib.c (auth_ldap_enumerate): Fix typo.

0.62.0

This release adds support for additional hash functions, and an
update to the Postgres driver that removes potentional SQL injection
vulnerabilities in some circumstances.

  * authpgsqllib.c: Use PQescapeStringConn() instead of removing all
    apostrophes from query parameters. This fixes a potential SQL injection
    vulnerability if the Postgres database uses a non-Latin locale.

  * Added support for {SSHA}-encrypted passwords. Based on a patch
    by Zou bin <zb%bisp.com@localhost>.

  * Added support for {SHA512} hash function

diffstat:

 security/courier-authlib/Makefile         |   4 ++--
 security/courier-authlib/PLIST            |   3 ++-
 security/courier-authlib/distinfo         |  12 ++++++------
 security/courier-authlib/patches/patch-aa |   8 ++++----
 security/courier-authlib/patches/patch-ab |  10 +++++-----
 5 files changed, 19 insertions(+), 18 deletions(-)

diffs (107 lines):

diff -r 16ddf379271d -r f12885c317f2 security/courier-authlib/Makefile
--- a/security/courier-authlib/Makefile Thu Jul 02 11:44:11 2009 +0000
+++ b/security/courier-authlib/Makefile Thu Jul 02 12:23:44 2009 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.32 2009/06/27 04:16:57 obache Exp $
+# $NetBSD: Makefile,v 1.33 2009/07/02 12:23:44 obache Exp $
 
 .include "Makefile.common"
 
-DISTNAME=      courier-authlib-0.61.0
+DISTNAME=      courier-authlib-0.62.2
 CATEGORIES=    security
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=courier/}
 EXTRACT_SUFX=  .tar.bz2
diff -r 16ddf379271d -r f12885c317f2 security/courier-authlib/PLIST
--- a/security/courier-authlib/PLIST    Thu Jul 02 11:44:11 2009 +0000
+++ b/security/courier-authlib/PLIST    Thu Jul 02 12:23:44 2009 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.8 2008/10/01 11:43:41 obache Exp $
+@comment $NetBSD: PLIST,v 1.9 2009/07/02 12:23:44 obache Exp $
 bin/courierauthconfig
 include/courier_auth_config.h
 include/courierauth.h
@@ -21,6 +21,7 @@
 man/man3/auth_login.3
 man/man3/auth_passwd.3
 man/man3/auth_sasl.3
+man/man3/auth_sasl_ex.3
 man/man3/authlib.3
 man/man8/makeuserdb.8
 man/man8/userdb.8
diff -r 16ddf379271d -r f12885c317f2 security/courier-authlib/distinfo
--- a/security/courier-authlib/distinfo Thu Jul 02 11:44:11 2009 +0000
+++ b/security/courier-authlib/distinfo Thu Jul 02 12:23:44 2009 +0000
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.12 2008/09/28 22:15:30 tonnerre Exp $
+$NetBSD: distinfo,v 1.13 2009/07/02 12:23:44 obache Exp $
 
-SHA1 (courier-authlib-0.61.0.tar.bz2) = 0caf0f435411124b02fe2594b39feceff5b23159
-RMD160 (courier-authlib-0.61.0.tar.bz2) = 91fb8ac8960659b7cc4ea9574e1af11fa8f7dc86
-Size (courier-authlib-0.61.0.tar.bz2) = 2174172 bytes
-SHA1 (patch-aa) = ef77c9c240659f2a553735dcc8ec27bfb144f973
-SHA1 (patch-ab) = 7d9ffb781102b998a9bd5c9c7ec3d04aa44770d3
+SHA1 (courier-authlib-0.62.2.tar.bz2) = dc495ad6c54c271483d4862e09788621d86629a9
+RMD160 (courier-authlib-0.62.2.tar.bz2) = c0f4f32994056f8034f30055cfe55238d137a2ca
+Size (courier-authlib-0.62.2.tar.bz2) = 2233216 bytes
+SHA1 (patch-aa) = 6984af03cce59cee3987526d5c87bb71c8eac635
+SHA1 (patch-ab) = 0f3d86e9bd296c9abc044917656495fd8584bc08
diff -r 16ddf379271d -r f12885c317f2 security/courier-authlib/patches/patch-aa
--- a/security/courier-authlib/patches/patch-aa Thu Jul 02 11:44:11 2009 +0000
+++ b/security/courier-authlib/patches/patch-aa Thu Jul 02 12:23:44 2009 +0000
@@ -1,6 +1,6 @@
-$NetBSD: patch-aa,v 1.6 2008/09/28 22:15:30 tonnerre Exp $
+$NetBSD: patch-aa,v 1.7 2009/07/02 12:23:44 obache Exp $
 
---- Makefile.in.orig   2008-07-12 21:41:08.000000000 +0200
+--- Makefile.in.orig   2009-02-03 23:39:56.000000000 +0000
 +++ Makefile.in
 @@ -453,7 +453,7 @@ CLEANFILES = authldaprc.h authmysqlrc.h 
  
@@ -212,11 +212,11 @@
                                $(DESTDIR)$(sbindir)/userdbpw ; \
                $(INSTALL_SCRIPT) userdb-test-cram-md5.pl \
                                $(DESTDIR)$(sbindir)/userdb-test-cram-md5
--      for f in $(pkglib_LTLIBRARIES); do . $$f; rm -f $(DESTDIR)$(pkglibdir)/$$dlname.0 $(DESTDIR)$(pkglibdir)/$$dlname.0.0; ln -s $$dlname $(DESTDIR)$(pkglibdir)/$$dlname.0; done
+-      for f in $(pkglib_LTLIBRARIES); do . ./$$f; rm -f $(DESTDIR)$(pkglibdir)/$$dlname.0 $(DESTDIR)$(pkglibdir)/$$dlname.0.0; ln -s $$dlname $(DESTDIR)$(pkglibdir)/$$dlname.0; done
  
  uninstall-hook: uninstall-authldaprc uninstall-authdaemonrc uninstall-authmysqlrc uninstall-authpgsqlrc
        rm -f $(DESTDIR)$(pkglibexecdir)/authdaemond
-@@ -1747,13 +1746,13 @@ README_authlib.html: README_authlib.html
+@@ -1751,13 +1750,13 @@ README_authlib.html: README_authlib.html
  authdaemond.o: authdaemonrc.h authdaemond.c
  
  install-migrate: authmigrate
diff -r 16ddf379271d -r f12885c317f2 security/courier-authlib/patches/patch-ab
--- a/security/courier-authlib/patches/patch-ab Thu Jul 02 11:44:11 2009 +0000
+++ b/security/courier-authlib/patches/patch-ab Thu Jul 02 12:23:44 2009 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-ab,v 1.5 2007/10/15 15:37:01 jlam Exp $
+$NetBSD: patch-ab,v 1.6 2009/07/02 12:23:44 obache Exp $
 
---- configure.orig     Sat Sep 29 14:43:43 2007
+--- configure.orig     2009-02-03 23:39:55.000000000 +0000
 +++ configure
-@@ -23855,7 +23855,7 @@ done
+@@ -23578,7 +23578,7 @@ done
  test -n "$PG_CONFIG" || PG_CONFIG="pg_config"
  
  
@@ -11,7 +11,7 @@
  
  # Check whether --with-pgsql-libs was given.
  if test "${with_pgsql_libs+set}" = set; then
-@@ -25649,7 +25649,7 @@ rm -f authdaemonrc.h authldaprc.h authmy
+@@ -25365,7 +25365,7 @@ rm -f authdaemonrc.h authldaprc.h authmy
  
  result=""
  
@@ -20,7 +20,7 @@
  then
        $COURIERCONFIG >conftest.out || exit 1
        sed -n '/^mail/p' <conftest.out >conftest2.out || exit 1
-@@ -25661,7 +25661,7 @@ then
+@@ -25377,7 +25377,7 @@ then
        result=" (from courier-config)"
  fi
  



Home | Main Index | Thread Index | Old Index