tream version 1.4.4, which places
a limit on the size of user ID packets, closing a possible
integer overflow (CVE-2006-3082).
-
* Mon Jun 26 2006 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.4.4-1
- update to 1.4.4
* Tue Jun 20 2006 Nali
tream version 1.4.4, which places
a limit on the size of user ID packets, closing a possible
integer overflow (CVE-2006-3082).
-
* Mon Jun 26 2006 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.4.4-2
- rebuild
* Mon Jun 26 2006 Nalin Dahyab
) was built without support for
CCID smart card readers. This update corrects that oversight.
-
* Wed Jul 5 2006 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.4.4-2.2
- try again using per-platform buildprereq (jkeating)
* Wed Jul 5
rsion 1.4.5 to correct
errors in the parsing of certain types of packets.
-
* Tue Aug 1 2006 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.4.5-1
- update to 1.4.5, fixing additional size overflows in packet parsing (#200904,
CV
rsion 1.4.5 to correct
errors in the parsing of certain types of packets.
-
* Tue Aug 1 2006 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.4.5-2
- rebuild
- reenable curl support
* Tue Aug 1 2006 Nalin Dahyabhai <[EMAIL PROTECT
words.
-
Update Information:
This update addresses MITKRB-SA-2006-001.
-
* Tue Aug 8 2006 Nalin Dahyabhai <[EMAIL PROTECTED]> 1.4.3-6
- apply patch to address MITKRB-SA-2006-001 (CVE-2006-3084)
* Fri Apr 14 2006 Stepan Kasal <[E
rsion 1.4.6, incorporating
fixes for a potential buffer overflow (CVE-2006-6169) and
referencing of a stack variable after it passes out of scope
(CVE-2006-6235).
-
* Wed Dec 6 2006 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.4.6
rsion 1.4.6, incorporating
fixes for a potential buffer overflow (CVE-2006-6169) and
referencing of a stack variable after it passes out of scope
(CVE-2006-6235).
-
* Wed Dec 6 2006 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.4.6-
-
Fedora Update Notification
FEDORA-2007-015
2007-01-07
-
Product : Fedora Core 6
Name: cyrus-sasl
Version : 2.1.22
Release : 4
Summary :
pdate Information:
This update incorporates fixes for recently-announced bugs
found in the kadmind daemon.
-
* Tue Jan 9 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.5-13
- apply fixes from Tom Yu for MITKRB5-SA-2006-002 (CV
words.
-
Update Information:
This update incorporates a fix for a recently-announced bug
found in the kadmind daemon.
-
* Tue Jan 9 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> 1.4.3-5.3
- apply patch from Tom Yu to fix MITKRB-SA-20
avior.
-
* Mon Mar 5 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.4.7-2
- update to 1.4.7, changing the default to not allow multiple plaintexts in
a single stream
-
This update can be downloaded fro
avior.
-
* Mon Mar 5 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.4.7-1
- update to 1.4.7, changing the default to not allow multiple plaintexts in
a single stream
* Wed Dec 6 2006 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.4.6-1
- update to 1.4.6, incorporating fixes for CVE-
aging error which prevented the
binaries which were included in the previous update from
being able to find locale data.
-
* Mon Mar 12 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.4.7-4.1
- "override" localedir, be
error which prevented the
binaries which were included in the previous update from
being able to find locale data.
-
* Mon Mar 12 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.4.7-5
- "override" localedir, because a
u Mar 15 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> 1.5-21
- add patch to fix buffer overflow in krb5kdc and kadmind
(#231528, CVE-2007-0957)
- add patch to fix double-free in kadmind (#231537, CVE-2007-1216)
* Tue Feb 27 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> - 1.5-20
- temporari
* Tue Apr 3 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> 1.4.3-5.4
- add patch to correct unauthorized access via krb5-aware telnet
daemon (#229782, CVE-2007-0956)
- add patch to fix buffer overflow in krb5kdc and kadmind
(#231528, CVE-2007-0957)
- add patch to fix double-free in kadmind (#
words.
-
Update Information:
This update incorporates fixes for a stack buffer overflow
and heap corruption in the RPC library, and a fix for a
potential stack buffer overflow in kadmind.
-
* Wed Jun 27 2007 Nalin Dahyabhai <[EMAIL P
words.
-
Update Information:
This update incorporates fixes for a stack buffer overflow
and heap corruption in the RPC library, and a fix for a
potential stack buffer overflow in kadmind.
-
* Wed Jun 27 2007 Nalin Dahy
lling application.
-
* Wed Nov 21 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> - 257-4
- nss_ldap: go back to linking with static libldap and liblber so that we
don't get unresolved references which may be resolved by a d
ep 4 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> 1.5-22
- incorporate fixes for MITKRB5-SA-2007-006 (CVE-2007-3999, CVE-2007-4000)
-
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/cor
words.
-
Update Information:
The originally-used patch for CVE-2007-3999 didn't
completely fix the bug. This update includes the revised patch.
-
* Thu Sep 6 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> 1.5-23
- incorporate upd
fail.
-
* Fri Aug 24 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> - 257-3
- tack on a disttag
* Fri Aug 24 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> - 257-2
- construct LDAP URIs correctly during DNS autoconfiguration (upstream #338)
* Tue Aug 21 2007 Nalin Dahyabhai <[EMAIL PROTECTED]&
lling application.
-
* Wed Nov 21 2007 Nalin Dahyabhai <[EMAIL PROTECTED]> - 257-4
- nss_ldap: go back to linking with static libldap and liblber so that we
don't get unresolved references which may be resolved by a d
24 matches
Mail list logo