(fwd) Accepted cyrus-sasl2 2.1.19-1.1 (i386 source)
Henrique de Moraes Holschuh
hmh@debian.org
Sun, 15 Aug 2004 14:58:52 -0300
--pAwQNkOnpTn9IO2O
Content-Type: multipart/mixed; boundary="RASg3xLB4tUQ4RcS"
Content-Disposition: inline
--RASg3xLB4tUQ4RcS
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Sorry to bother you all.
You are being sent this message because your package has been built against
sasl 2.1.19, and is thus blocked from sarge due to shlibdep issues, or
because you package modules for SASL.
Sam, since your MIT Kerberos SASL module packages are best kept in sync with
core SASL, I have directed the email to you too. SASL 2.1.19-1.1 has mutexes
for MIT kerberos 1.3.4, so a rebuild is probably needed/desired. For 1.3.5
we can rip the mutexes out again.
Anyway, I have just uploaded a libsasl2 NMU to sid. Please help me
stress-test it for at least 5 days, so that we can request that it is moved
to sarge, unblocking our packages. There is a full rationale for the upload
in the changelog, which is attached. The release managers are aware of this
upload.
--=20
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
--RASg3xLB4tUQ4RcS
Content-Type: message/rfc822
Content-Disposition: inline
Return-Path: <owner@packages.qa.debian.org>
X-Original-To: hmh@khazad-dum.debian.net
Delivered-To: hmh@khazad-dum.debian.net
Received: from localhost (localhost [127.0.0.1])
by localhost.khazad-dum.debian.net (Postfix) with ESMTP id 45D84218A9A
for <hmh@khazad-dum.debian.net>; Sun, 15 Aug 2004 14:34:27 -0300 (BRT)
Received: from khazad-dum.debian.net ([127.0.0.1])
by localhost (khazad-dum [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id 16602-03-4 for <hmh@khazad-dum.debian.net>;
Sun, 15 Aug 2004 14:34:25 -0300 (BRT)
Received: from master.debian.org (master.debian.org [146.82.138.7])
by khazad-dum.debian.net (Postfix) with ESMTP id 0CC26200246
for <hmh@khazad-dum.debian.net>; Sun, 15 Aug 2004 14:34:23 -0300 (BRT)
Received: from hertzog by master.debian.org with local (Exim 3.35 1 (Debian))
id 1BwOti-0001lo-00; Sun, 15 Aug 2004 12:34:22 -0500
Received: from newraff.debian.org [208.185.25.31] by master.debian.org
with esmtp (Exim 3.35 1 (Debian)) id 1BwOti-0001lX-00; Sun, 15 Aug 2004
12:34:22 -0500
Received: from katie by newraff.debian.org with local (Exim 3.35 1
(Debian)) id 1BwOrU-00085q-00; Sun, 15 Aug 2004 13:32:04 -0400
From: Henrique de Moraes Holschuh <hmh@debian.org>
To: debian-devel-changes@lists.debian.org
X-Katie: $Revision: 1.51 $
Subject: Accepted cyrus-sasl2 2.1.19-1.1 (i386 source)
Message-Id: <E1BwOrU-00085q-00@newraff.debian.org>
Sender: Archive Administrator <katie@ftp-master.debian.org>
Date: Sun, 15 Aug 2004 13:32:04 -0400
Delivered-To: cyrus-sasl2@packages.qa.debian.org
Precedence: list
X-Loop: cyrus-sasl2@packages.qa.debian.org
X-PTS-Package: cyrus-sasl2
X-PTS-Keyword: upload-source
X-Unsubscribe: echo 'unsubscribe cyrus-sasl2' | mail pts@qa.debian.org
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at khazad-dum.debian.net
X-MIME-Autoconverted: converted from non PGP/MIME format
Content-Type: application/pgp; format=text; x-action=sign
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 14 Aug 2004 13:04:38 -0300
Source: cyrus-sasl2
Binary: libsasl2 libsasl2-modules-sql sasl2-bin libsasl2-modules libsasl2-dev libsasl2-modules-gssapi-heimdal libsasl2-modules-kerberos-heimdal
Architecture: source i386
Version: 2.1.19-1.1
Distribution: unstable
Urgency: medium
Maintainer: Dima Barsky <dima@debian.org>
Changed-By: Henrique de Moraes Holschuh <hmh@debian.org>
Description:
libsasl2 - Authentication abstraction library
libsasl2-dev - Development files for authentication abstraction library
libsasl2-modules - Pluggable Authentication Modules for SASL
libsasl2-modules-gssapi-heimdal - Pluggable Authentication Modules for SASL
libsasl2-modules-kerberos-heimdal - Pluggable Authentication Modules for SASL
libsasl2-modules-sql - Pluggable Authentication Modules for SASL
sasl2-bin - Programs for manipulating the SASL users database
Closes: 202836 242184 245818 248333 256808 262339
Changes:
cyrus-sasl2 (2.1.19-1.1) unstable; urgency=medium
.
* NMU with permission from the maintainer
* Release Manager:
SASL 2.1.18 (currently in sarge) is very unusable. Please accept
this upload for sarge. The main reasons justifying this are:
* Security fixes from upstream: at least one buffer overflow
was plugged in 2.1.19, and the code was made more secure, which may
have plugged other latent security bugs.
* Essential feature: 2.1.18 has a very bad regression in that saslauthd
cannot support realms embedded inside the username as previous
versions did. However, that regression is exactly how it should be
behaving since day one, never mind that too many setups are hopeless
with the realm information out-of-band. 2.1.19 adds a "-r" option to
saslauthd which restores the former behaviour. Both behaviours are
needed, depending on the SASL mechs being used (one sends the realm
out-of-band, the other in-band). Users have complained loudly about
this issue, not only in Debian, but in the SASL and Cyrus IMAP
mailinglists as well. For way too many people and setups, "-r" is
essential
* Essential bug fixes: Digest-MD5 and GSSAPI are quite broken in
2.1.18, and extensive fixes were applied on them in 2.1.19. In fact,
2.1.18 GSSAPI does _not_ work completely right against Heimdall and
MIT kerberos.
* ABI version issue: the 2.1.19-1 Debian package was uploaded to
_unstable_ before the freeze. Maybe because of that, the maintainer
did upgrade the shlibs dependency to 2.1.19 (I have confirmed that to be
required for SASL modules, so it appears to be really required).
Packages built in _unstable_ since them are being held back due to
this issue. The best fix for packages that use libsasl2 *is* getting
this new version into sarge, due to all other fixes.
* Bugs closed in 2.1.19-1, but not ackwnoleged before:
* Fix FTBFS in hppa, due to broken libtool usage, thanks to Steve Langasek
for the patch (closes: #245818)
* 2.1.19 supports saslauthd "-r" option (closes: #248333, #256808)
* Changes in this NMU:
* upstream CVS: plugins/digestmd5.c: Fix handling of client realm callback
* upstream CVS: plugins/gssapi.c: Memory management cleanup
* upstream CVS: configure.in, plugins/gssapi.c: Wrap all GSS calls
in mutexes when required by the implementation (closes: #202836)
THIS PATCH PROBABLY SHOULD BE SET TO DISABLED BY DEFAULT WHEN MIT
KERBEROS 1.3.5 ENTERS UNSTABLE
(see https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=2255)
* Libtool is refreshed at every build, so this upload closes: #262339
* debian/control: build-depend on debhelper (>= 4)
* debian/control: build-depend on libtool (>= 1.5.6) instead of (>=
1.5.2-1)
* Fix initscript to return status 0 if stop called when daemon is
already stopped (closes: #242184)
Files:
0e575c5ccb0c4ce0b534d81c78071547 1062 devel important cyrus-sasl2_2.1.19-1.1.dsc
b0300d23682d9b70573637471a018fc5 25845 devel important cyrus-sasl2_2.1.19-1.1.diff.gz
e265fc81110bdd8e043db7625ee93502 112276 utils important sasl2-bin_2.1.19-1.1_i386.deb
4c406d61da5ccf78bfb3681b24778233 155392 libs important libsasl2-modules_2.1.19-1.1_i386.deb
802ed026d8cd76cb1340adad3b2ad254 50478 libs optional libsasl2-modules-sql_2.1.19-1.1_i386.deb
cba51fb1127d30a3c59742f6320bf0c9 52510 libs optional libsasl2-modules-gssapi-heimdal_2.1.19-1.1_i386.deb
90bcd98138e91453982b09cd41dad1ed 52198 libs optional libsasl2-modules-kerberos-heimdal_2.1.19-1.1_i386.deb
ff6062fbd46846751754b75f87fc0520 257506 libs important libsasl2_2.1.19-1.1_i386.deb
4766e04a0d9e4ba31523e3b313cb8fcd 245244 libdevel optional libsasl2-dev_2.1.19-1.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFBH5oW7iXePxzbD+MRAmqrAJ9ab9vXiRde7XVsvwH8DaUxPIEVEgCgj9hx
Mf8AxqcZDulPKgCnxeDyDb4=
=ct5c
-----END PGP SIGNATURE-----
Accepted:
cyrus-sasl2_2.1.19-1.1.diff.gz
to pool/main/c/cyrus-sasl2/cyrus-sasl2_2.1.19-1.1.diff.gz
cyrus-sasl2_2.1.19-1.1.dsc
to pool/main/c/cyrus-sasl2/cyrus-sasl2_2.1.19-1.1.dsc
libsasl2-dev_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.1_i386.deb
libsasl2-modules-gssapi-heimdal_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.1_i386.deb
libsasl2-modules-kerberos-heimdal_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.1_i386.deb
libsasl2-modules-sql_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.1_i386.deb
libsasl2-modules_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.1_i386.deb
libsasl2_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/libsasl2_2.1.19-1.1_i386.deb
sasl2-bin_2.1.19-1.1_i386.deb
to pool/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.1_i386.deb
--RASg3xLB4tUQ4RcS--
--pAwQNkOnpTn9IO2O
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFBH6Rc7iXePxzbD+MRAhRhAJ9Qf54NTIx+h5bpYDaF5N0VSxkyRQCfXJIu
Zcce6loABFKOnXk13SlMoyE=
=OqzF
-----END PGP SIGNATURE-----
--pAwQNkOnpTn9IO2O--