Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package cyrus-sasl for openSUSE:Factory checked in at 2022-03-23 20:15:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cyrus-sasl (Old) and /work/SRC/openSUSE:Factory/.cyrus-sasl.new.25692 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cyrus-sasl" Wed Mar 23 20:15:22 2022 rev:64 rq:963371 version:2.1.28 Changes: -------- --- /work/SRC/openSUSE:Factory/cyrus-sasl/cyrus-sasl-bdb.changes 2022-02-06 23:53:49.851000857 +0100 +++ /work/SRC/openSUSE:Factory/.cyrus-sasl.new.25692/cyrus-sasl-bdb.changes 2022-03-23 20:15:26.454363476 +0100 @@ -1,0 +2,7 @@ +Wed Mar 9 08:39:23 UTC 2022 - Dirk M??ller <[email protected]> + +- update to 2.1.28 (bsc#1196036, CVE-2022-24407): + * https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28 +- drop cyrus-sasl-bug587.patch (upstream) + +------------------------------------------------------------------- cyrus-sasl-saslauthd-bdb.changes: same change cyrus-sasl-saslauthd.changes: same change cyrus-sasl.changes: same change Old: ---- cyrus-sasl-2.1.27.tar.gz cyrus-sasl-bug587.patch New: ---- cyrus-sasl-2.1.28.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cyrus-sasl-bdb.spec ++++++ --- /var/tmp/diff_new_pack.Rykbol/_old 2022-03-23 20:15:27.858364205 +0100 +++ /var/tmp/diff_new_pack.Rykbol/_new 2022-03-23 20:15:27.866364210 +0100 @@ -18,20 +18,17 @@ Name: cyrus-sasl-bdb %define lname libsasl2-3 -Version: 2.1.27 +Version: 2.1.28 Release: 0 -URL: http://asg.web.cmu.edu/sasl/ +URL: https://github.com/cyrusimap/cyrus-sasl Summary: Implementation of Cyrus SASL API License: BSD-4-Clause Group: Productivity/Networking/Other - -Source: cyrus-sasl-%{version}.tar.gz +Source: https://github.com/cyrusimap/cyrus-sasl/releases/download/cyrus-sasl-%{version}/cyrus-sasl-%{version}.tar.gz Source1: cyrus-sasl-rc.tar.bz2 Source2: README.Source Source3: baselibs.conf Patch: cyrus-sasl.dif -# see https://github.com/cyrusimap/cyrus-sasl/issues/587 -Patch1: cyrus-sasl-bug587.patch Patch5: cyrus-sasl-no_rpath.patch Patch6: cyrus-sasl-lfs.patch Patch7: fix_libpq-fe_include.diff @@ -51,54 +48,97 @@ %endif Conflicts: cyrus-sasl +%description +This is the Cyrus SASL API. It can be used on the client or server side +to provide authentication. See RFC 2222 for more information. + %package gssapi Summary: Plugin for the GSSAPI SASL mechanism Group: Productivity/Networking/Other Requires: cyrus-sasl-bdb = %{version} Conflicts: cyrus-sasl-gssapi +%description gssapi +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 2222 for more +information. + %package crammd5 Summary: Plugin for the CRAMMD5 SASL mechanism Group: Productivity/Networking/Other Requires: cyrus-sasl-bdb = %{version} Conflicts: cyrus-sasl-crammd5 +%description crammd5 +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 2222 for more +information. + %package digestmd5 Summary: Plugin for the DIGESTMD5 SASL mechanism Group: Productivity/Networking/Other Requires: cyrus-sasl-bdb = %{version} Conflicts: cyrus-sasl-digestmd5 +%description digestmd5 +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 2222 for more +information. + %package otp Summary: Plugin for the OTP SASL mechanism Group: Productivity/Networking/Other Requires: cyrus-sasl-bdb = %{version} Conflicts: cyrus-sasl-otp +%description otp +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 2222 for more +information. + %package plain Summary: Plugin for the PLAIN SASL mechanism Group: Productivity/Networking/Other Requires: cyrus-sasl-bdb = %{version} Conflicts: cyrus-sasl-plain +%description plain +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 2222 for more +information. + %package ntlm Summary: Plugin for the NTLM SASL mechanism Group: Productivity/Networking/Other Requires: cyrus-sasl-bdb = %{version} Conflicts: cyrus-sasl-ntlm +%description ntlm +This is the Cyrus SASL API. It can be used on the client or server side +to provide authentication. See RFC 2222 for more information. + %package gs2 Summary: Plugin for the GS2 SASL mechanism Group: Productivity/Networking/Other Requires: cyrus-sasl-bdb = %{version} Conflicts: cyrus-sasl-gs2 +%description gs2 +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 2222 for more +information. + %package scram Summary: Plugin for the SCRAM SASL mechanism Group: Productivity/Networking/Other Requires: cyrus-sasl-bdb = %{version} Conflicts: cyrus-sasl-scram +%description scram +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 5802 for more +information. + %package devel # bug437293 %ifarch ppc64 @@ -111,53 +151,10 @@ Requires: glibc-devel Conflicts: cyrus-sasl-devel -%description -This is the Cyrus SASL API. It can be used on the client or server side -to provide authentication. See RFC 2222 for more information. - -%description gssapi -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 2222 for more -information. - %description devel This is the Cyrus SASL API. It can be used on the client or server side to provide authentication. See RFC 2222 for more information. -%description digestmd5 -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 2222 for more -information. - -%description crammd5 -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 2222 for more -information. - -%description otp -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 2222 for more -information. - -%description plain -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 2222 for more -information. - -%description ntlm -This is the Cyrus SASL API. It can be used on the client or server side -to provide authentication. See RFC 2222 for more information. - -%description gs2 -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 2222 for more -information. - -%description scram -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 5802 for more -information. - %prep %setup -q -n cyrus-sasl-%{version} -a 1 if [ -e %{_builddir}/cyrus-sasl-%{version}/dlcompat-*/ ] @@ -166,7 +163,6 @@ rm -rf %{_builddir}/cyrus-sasl-%{version}/dlcompat-* fi %patch -%patch1 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 @@ -199,6 +195,7 @@ rm -f doc/Makefile* rm -f $RPM_BUILD_ROOT/%{_mandir}/cat?/* rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/saslauthd* +rm -f $RPM_BUILD_ROOT/%{_mandir}/man8/testsaslauthd* rm -f $RPM_BUILD_ROOT/usr/sbin/saslauthd rm -f $RPM_BUILD_ROOT/usr/sbin/testsaslauthd rm -r $RPM_BUILD_ROOT%{_libdir}/libsasl2.so.3* ++++++ cyrus-sasl-saslauthd-bdb.spec ++++++ --- /var/tmp/diff_new_pack.Rykbol/_old 2022-03-23 20:15:27.914364234 +0100 +++ /var/tmp/diff_new_pack.Rykbol/_new 2022-03-23 20:15:27.922364239 +0100 @@ -22,22 +22,18 @@ %endif Name: cyrus-sasl-saslauthd-bdb -Version: 2.1.27 +Version: 2.1.28 Release: 0 Summary: The SASL Authentication Server License: BSD-4-Clause Group: Productivity/Networking/Other -URL: http://asg.web.cmu.edu/sasl/ - -Source: cyrus-sasl-%{version}.tar.gz +URL: https://github.com/cyrusimap/cyrus-sasl +Source: https://github.com/cyrusimap/cyrus-sasl/releases/download/cyrus-sasl-%{version}/cyrus-sasl-%{version}.tar.gz Source1: cyrus-sasl-rc.tar.bz2 Source2: README.Source Source3: baselibs.conf Source4: saslauthd.service - Patch: cyrus-sasl.dif -# see https://github.com/cyrusimap/cyrus-sasl/issues/587 -Patch1: cyrus-sasl-bug587.patch Patch5: cyrus-sasl-no_rpath.patch Patch6: cyrus-sasl-lfs.patch Patch7: fix_libpq-fe_include.diff @@ -81,7 +77,6 @@ %prep %setup -n cyrus-sasl-%{version} -a 1 %patch -%patch1 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 cyrus-sasl-saslauthd.spec: same change ++++++ cyrus-sasl.spec ++++++ --- /var/tmp/diff_new_pack.Rykbol/_old 2022-03-23 20:15:28.022364291 +0100 +++ /var/tmp/diff_new_pack.Rykbol/_new 2022-03-23 20:15:28.030364294 +0100 @@ -18,19 +18,17 @@ %define lname libsasl2-3 Name: cyrus-sasl -Version: 2.1.27 +Version: 2.1.28 Release: 0 Summary: Implementation of Cyrus SASL API License: BSD-4-Clause Group: Productivity/Networking/Other -URL: http://asg.web.cmu.edu/sasl/ -Source: %{name}-%{version}.tar.gz +URL: https://github.com/cyrusimap/cyrus-sasl/ +Source: https://github.com/cyrusimap/cyrus-sasl/releases/download/cyrus-sasl-%{version}/cyrus-sasl-%{version}.tar.gz Source1: cyrus-sasl-rc.tar.bz2 Source2: README.Source Source3: baselibs.conf Patch0: cyrus-sasl.dif -# see https://github.com/cyrusimap/cyrus-sasl/issues/587 -Patch1: cyrus-sasl-bug587.patch Patch5: cyrus-sasl-no_rpath.patch Patch6: cyrus-sasl-lfs.patch Patch7: fix_libpq-fe_include.diff @@ -47,54 +45,97 @@ Obsoletes: cyrus-sasl-64bit %endif +%description +This is the Cyrus SASL API. It can be used on the client or server side +to provide authentication. See RFC 2222 for more information. + %package gssapi Summary: Plugin for the GSSAPI SASL mechanism Group: Productivity/Networking/Other Requires: %{name} = %{version} Conflicts: cyrus-sasl-bdb-gssapi +%description gssapi +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 2222 for more +information. + %package crammd5 Summary: Plugin for the CRAMMD5 SASL mechanism Group: Productivity/Networking/Other Requires: %{name} = %{version} Conflicts: cyrus-sasl-bdb-crammd5 +%description crammd5 +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 2222 for more +information. + %package digestmd5 Summary: Plugin for the DIGESTMD5 SASL mechanism Group: Productivity/Networking/Other Requires: %{name} = %{version} Conflicts: cyrus-sasl-bdb-digestmd5 +%description digestmd5 +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 2222 for more +information. + %package otp Summary: Plugin for the OTP SASL mechanism Group: Productivity/Networking/Other Requires: %{name} = %{version} Conflicts: cyrus-sasl-bdb-otp +%description otp +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 2222 for more +information. + %package plain Summary: Plugin for the PLAIN SASL mechanism Group: Productivity/Networking/Other Requires: %{name} = %{version} Conflicts: cyrus-sasl-bdb-plain +%description plain +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 2222 for more +information. + %package ntlm Summary: Plugin for the NTLM SASL mechanism Group: Productivity/Networking/Other Requires: %{name} = %{version} Conflicts: cyrus-sasl-bdb-ntlm +%description ntlm +This is the Cyrus SASL API. It can be used on the client or server side +to provide authentication. See RFC 2222 for more information. + %package gs2 Summary: Plugin for the GS2 SASL mechanism Group: Productivity/Networking/Other Requires: %{name} = %{version} Conflicts: cyrus-sasl-bdb-ntlm +%description gs2 +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 2222 for more +information. + %package scram Summary: Plugin for the SCRAM SASL mechanism Group: Productivity/Networking/Other Requires: %{name} = %{version} Conflicts: cyrus-sasl-bdb-scram +%description scram +This is the Cyrus SASL API implementation. It can be used on the client +or server side to provide authentication. See RFC 5802 for more +information. + %package devel Summary: Cyrus SASL API Implementation, Libraries and Header Files Group: Development/Libraries/C and C++ @@ -106,56 +147,13 @@ Obsoletes: cyrus-sasl-devel-64bit %endif -%package -n libsasl2-3 -Summary: Simple Authentication and Security Layer (SASL) library -Group: System/Libraries - -%description -This is the Cyrus SASL API. It can be used on the client or server side -to provide authentication. See RFC 2222 for more information. - -%description gssapi -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 2222 for more -information. - %description devel This is the Cyrus SASL API. It can be used on the client or server side to provide authentication. See RFC 2222 for more information. -%description digestmd5 -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 2222 for more -information. - -%description crammd5 -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 2222 for more -information. - -%description otp -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 2222 for more -information. - -%description plain -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 2222 for more -information. - -%description ntlm -This is the Cyrus SASL API. It can be used on the client or server side -to provide authentication. See RFC 2222 for more information. - -%description gs2 -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 2222 for more -information. - -%description scram -This is the Cyrus SASL API implementation. It can be used on the client -or server side to provide authentication. See RFC 5802 for more -information. +%package -n libsasl2-3 +Summary: Simple Authentication and Security Layer (SASL) library +Group: System/Libraries %description -n libsasl2-3 Simple Authentication and Security Layer (SASL) is a framework for @@ -173,7 +171,6 @@ rm -rf %{_builddir}/%{name}-%{version}/dlcompat-* fi %patch0 -%patch1 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 @@ -207,6 +204,7 @@ rm -f doc/Makefile* rm -f %{buildroot}/%{_mandir}/cat?/* rm -f %{buildroot}/%{_mandir}/man8/saslauthd* +rm -f %{buildroot}/%{_mandir}/man8/testsaslauthd* rm -f %{buildroot}%{_sbindir}/saslauthd rm -f %{buildroot}%{_sbindir}/testsaslauthd find %{buildroot} -type f -name "*.la" -delete -print ++++++ cyrus-sasl-2.1.27.tar.gz -> cyrus-sasl-2.1.28.tar.gz ++++++ ++++ 84137 lines of diff (skipped) ++++++ cyrus-sasl.dif ++++++ --- /var/tmp/diff_new_pack.Rykbol/_old 2022-03-23 20:15:28.850364720 +0100 +++ /var/tmp/diff_new_pack.Rykbol/_new 2022-03-23 20:15:28.854364722 +0100 @@ -2,7 +2,7 @@ =================================================================== --- m4/cyrus.m4.orig +++ m4/cyrus.m4 -@@ -37,7 +37,7 @@ AC_DEFUN([CMU_GUESS_RUNPATH_SWITCH], [ +@@ -36,7 +36,7 @@ AC_DEFUN([CMU_GUESS_RUNPATH_SWITCH], [ SAVE_LDFLAGS="${LDFLAGS}" LDFLAGS="-R /usr/lib" AC_TRY_LINK([],[],[andrew_cv_runpath_switch="-R"], [ @@ -15,7 +15,7 @@ =================================================================== --- Makefile.am.orig +++ Makefile.am -@@ -43,6 +43,7 @@ AUTOMAKE_OPTIONS = 1.7 +@@ -44,6 +44,7 @@ ACLOCAL_AMFLAGS = -I m4 # ################################################################ @@ -25,11 +25,11 @@ else Index: sasldb/Makefile.am =================================================================== ---- sasldb/Makefile.am 2016-01-29 18:35:35.000000000 +0100 -+++ sasldb/Makefile.am 2018-11-17 12:51:05.800696917 +0100 -@@ -57,3 +57,9 @@ +--- sasldb/Makefile.am.orig ++++ sasldb/Makefile.am +@@ -57,3 +57,9 @@ EXTRA_libsasldb_la_SOURCES = $(extra_com libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) - libsasldb_la_LIBADD = $(SASL_DB_BACKEND) + libsasldb_la_LIBADD = $(SASL_DB_BACKEND) $(SASL_DB_LIB) libsasldb_la_LDFLAGS = -no-undefined + +# avoid these two files created at the same time, they use both the same
