From:
[email protected]
Package: cyrus-sasl2
Severity: wishlist
Tags: patch
Attached the diffs for the candidate 1.1 NMU. The NMU will be uploaded
0-day as soon as I get to talk a bit more with the release managers.
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (990, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.27-pre2-debian+libata2+skas+sensors
Locale: LANG=pt_BR, LC_CTYPE=pt_BR
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
diff -urN cyrus-sasl2-2.1.19/debian/changelog nmu-work/debian/changelog
--- cyrus-sasl2-2.1.19/debian/changelog 2004-08-14 15:52:47.000000000 -0300
+++ nmu-work/debian/changelog 2004-08-14 13:24:35.000000000 -0300
@@ -1,3 +1,55 @@
+cyrus-sasl2 (2.1.19-1.1) testing-proposed-updates unstable; urgency=medium
+
+ * NMU with permission from the maintainer
+ * Release Manager:
+ SASL 2.1.18 (currently in sarge) is very unusable. Please accept
+ this upload for sarge. The main reasons justifying this are:
+ * Security fixes from upstream: at least one buffer overflow
+ was plugged in 2.1.19, and the code was made more secure, which may
+ have plugged other latent security bugs.
+ * Essential feature: 2.1.18 has a very bad regression in that saslauthd
+ cannot support realms embedded inside the username as previous
+ versions did. However, that regression is exactly how it should be
+ behaving since day one, never mind that too many setups are hopeless
+ with the realm information out-of-band. 2.1.19 adds a "-r" option to
+