From nobody Mon Feb 28 12:32:27 2022 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id F0CDE19EF9E3; Mon, 28 Feb 2022 12:32:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4K6fsR6SsNz3QvF; Mon, 28 Feb 2022 12:32:27 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1646051547; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=FLTkZwkrBvSNX3Cg5Wt4q1k+Z3/pgMESPvkZGzAqcv4=; b=FI/U5CJh67+wOp+Ed6xD2V+vtSHpC/jHNAHfpr+ktr9G1llpqj95+7Tqdv+5eNHaNguuOy Ha6UDm40omUKUwaWeXv+pT8Po7j7yihEn6H7zo7ejJA9yZEkXLzhlxqqEpqDg5LvBmdymB b4yQZerP2Z7csTNk1rWXZ9OJ1ElcCJwrf8oz9u7g9MvoYGrQDFIUpNgRzeenPMJgQSkCUn CLaO2T9Y7ha1Z2QP1PMwJG3ZAAxjDIjaZSCIKKheTHUgAaVaPER/JevYh9KPpAnRjNtV7/ jmNsFe14VZKR3c+bxTM7UNXdlYcJ3N8a+ZEk0aACkJAv0SaXNJ0kpWAD3YMCyw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BF83A1B835; Mon, 28 Feb 2022 12:32:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 21SCWR8k035338; Mon, 28 Feb 2022 12:32:27 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 21SCWRap035337; Mon, 28 Feb 2022 12:32:27 GMT (envelope-from git) Date: Mon, 28 Feb 2022 12:32:27 GMT Message-Id: <202202281232.21SCWRap035337@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org From: Hajimu UMEMOTO Subject: git: bc5bbc834298 - 2022Q1 - security/cyrus-sasl2: Update to 2.1.28. List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ume X-Git-Repository: ports X-Git-Refname: refs/heads/2022Q1 X-Git-Reftype: branch X-Git-Commit: bc5bbc834298deb23b866b7c450c6dc17a6d0e47 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1646051547; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=FLTkZwkrBvSNX3Cg5Wt4q1k+Z3/pgMESPvkZGzAqcv4=; b=RgPHOGxSpT4WNiJ2H/ULLt13ZJkn+Qb1MM+06V8pSOvA7AeDuCOEuRZbbEMF+qA+gLHKYx HUf2vLRyHVcI2KU3xutBwDphYoFo2fUpsPHLKaAvdP7gH2LyQO5QfEjmWGxAmtlZgfIDxx Cw/SHM749EXs3adACZb8I8HevmHNFgHWcu69I4WpTlUuZ9FDtS7KN5HrfcaBwcoUIiaajX NjXlKC8WH3ismevlYPs6kQNSdNqkjl+rsstfGNG++pFaDVfaBv8lOWPEVy1YbA3R60bQwD 3Iazgv3xEjLUoKXB3JYyfjtWdgJifHjTF6EHs6toiF9bCe9FR2kh8U3Pm/24XQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1646051547; a=rsa-sha256; cv=none; b=lKc0bZaH8id6l3gka1OBswRyPLeedd9lNggTW+/Oqe6foWfPhF2CsYLWd7da5dGR3DRNJx yXfmouKHiTre7g5XYEkw82CxJWOrAI1fqVRNlAbW1KW/yY31xbdeqRhALITjW8zSiazbkg EFKdPiV52o/n7g563uEBxes3cRGAYd2QtOEoeuwIxebGUv5HNhEZGbbiopsmx7LOW4wvyG BmBGAuWXhHjdXEHF7grkNodru2GdJ+OFEnvPpZshEd4B9YSrL7/7eUQNm5SUlyqO89/W+b w4wZgt+8zPlXPMS07lqAsP3HKF+okHgc0OXyN11BBJ7k5oJy3KQ6VnxhTVZuXQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch 2022Q1 has been updated by ume: URL: https://cgit.FreeBSD.org/ports/commit/?id=bc5bbc834298deb23b866b7c450c6dc17a6d0e47 commit bc5bbc834298deb23b866b7c450c6dc17a6d0e47 Author: Hajimu UMEMOTO AuthorDate: 2022-02-28 12:23:47 +0000 Commit: Hajimu UMEMOTO CommitDate: 2022-02-28 12:32:07 +0000 security/cyrus-sasl2: Update to 2.1.28. PR: 262133 Relnotes: https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28 Security: CVE-2019-19906, CVE-2022-24407 (cherry picked from commit d29e6c03261c9cf685efd70824f085f2e422bdcc) --- security/cyrus-sasl2-gssapi/Makefile | 1 - security/cyrus-sasl2-saslauthd/Makefile | 1 - security/cyrus-sasl2-saslauthd/pkg-plist | 1 + security/cyrus-sasl2-sql/Makefile | 1 - security/cyrus-sasl2/Makefile | 4 +- security/cyrus-sasl2/Makefile.common | 2 +- security/cyrus-sasl2/distinfo | 6 +- security/cyrus-sasl2/files/patch-plugins__sql.c | 66 ---------------------- .../cyrus-sasl2/files/patch-saslauthd__Makefile.in | 13 ----- 9 files changed, 6 insertions(+), 89 deletions(-) diff --git a/security/cyrus-sasl2-gssapi/Makefile b/security/cyrus-sasl2-gssapi/Makefile index e8432d9db8da..34dac0d0ef18 100644 --- a/security/cyrus-sasl2-gssapi/Makefile +++ b/security/cyrus-sasl2-gssapi/Makefile @@ -1,5 +1,4 @@ PKGNAMESUFFIX= -gssapi -PORTREVISION= 2 COMMENT= SASL GSSAPI authentication plugin diff --git a/security/cyrus-sasl2-saslauthd/Makefile b/security/cyrus-sasl2-saslauthd/Makefile index 2326128c4914..af1478e08005 100644 --- a/security/cyrus-sasl2-saslauthd/Makefile +++ b/security/cyrus-sasl2-saslauthd/Makefile @@ -1,5 +1,4 @@ PKGNAMESUFFIX= -saslauthd -PORTREVISION= 2 COMMENT= SASL authentication server for cyrus-sasl2 diff --git a/security/cyrus-sasl2-saslauthd/pkg-plist b/security/cyrus-sasl2-saslauthd/pkg-plist index 0eb40ac2a76c..4ea4bf02d6c3 100644 --- a/security/cyrus-sasl2-saslauthd/pkg-plist +++ b/security/cyrus-sasl2-saslauthd/pkg-plist @@ -1,4 +1,5 @@ man/man8/saslauthd.8.gz +man/man8/testsaslauthd.8.gz sbin/saslauthd sbin/saslcache sbin/testsaslauthd diff --git a/security/cyrus-sasl2-sql/Makefile b/security/cyrus-sasl2-sql/Makefile index c8ef4ce4f261..471cc4038e0f 100644 --- a/security/cyrus-sasl2-sql/Makefile +++ b/security/cyrus-sasl2-sql/Makefile @@ -1,5 +1,4 @@ PKGNAMESUFFIX= -sql -PORTREVISION= 1 COMMENT= SASL SQL plugins diff --git a/security/cyrus-sasl2/Makefile b/security/cyrus-sasl2/Makefile index f580a60b79c2..10e1b1a82794 100644 --- a/security/cyrus-sasl2/Makefile +++ b/security/cyrus-sasl2/Makefile @@ -1,5 +1,3 @@ -PORTREVISION= 2 - COMMENT= RFC 2222 SASL (Simple Authentication and Security Layer) USES= cpe libtool:keepla pathfix perl5 @@ -60,6 +58,6 @@ PLAIN_CONFIGURE_ENABLE= plain SCRAM_DESC= SCRAM authentication SCRAM_CONFIGURE_ENABLE= scram -DOCS= AUTHORS COPYING ChangeLog INSTALL INSTALL.TXT README +DOCS= AUTHORS COPYING ChangeLog INSTALL.TXT README .include "${.CURDIR}/../../security/cyrus-sasl2/Makefile.common" diff --git a/security/cyrus-sasl2/Makefile.common b/security/cyrus-sasl2/Makefile.common index 530307db0187..a216f017037c 100644 --- a/security/cyrus-sasl2/Makefile.common +++ b/security/cyrus-sasl2/Makefile.common @@ -1,5 +1,5 @@ PORTNAME= cyrus-sasl -PORTVERSION= 2.1.27 +PORTVERSION= 2.1.28 CATEGORIES= security MASTER_SITES= https://github.com/cyrusimap/cyrus-sasl/releases/download/${PORTNAME}-${PORTVERSION}/ diff --git a/security/cyrus-sasl2/distinfo b/security/cyrus-sasl2/distinfo index 661810dc9df6..145a23d6cd42 100644 --- a/security/cyrus-sasl2/distinfo +++ b/security/cyrus-sasl2/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1542468728 -SHA256 (cyrus-sasl-2.1.27.tar.gz) = 26866b1549b00ffd020f188a43c258017fa1c382b3ddadd8201536f72efb05d5 -SIZE (cyrus-sasl-2.1.27.tar.gz) = 4111249 +TIMESTAMP = 1645585277 +SHA256 (cyrus-sasl-2.1.28.tar.gz) = 7ccfc6abd01ed67c1a0924b353e526f1b766b21f42d4562ee635a8ebfc5bb38c +SIZE (cyrus-sasl-2.1.28.tar.gz) = 4034803 diff --git a/security/cyrus-sasl2/files/patch-plugins__sql.c b/security/cyrus-sasl2/files/patch-plugins__sql.c deleted file mode 100644 index 1983317092bf..000000000000 --- a/security/cyrus-sasl2/files/patch-plugins__sql.c +++ /dev/null @@ -1,66 +0,0 @@ ---- plugins/sql.c.orig 2016-12-10 15:45:55 UTC -+++ plugins/sql.c -@@ -1150,6 +1150,7 @@ static int sql_auxprop_store(void *glob_context, - char *statement = NULL; - char *escap_userid = NULL; - char *escap_realm = NULL; -+ char *escap_passwd = NULL; - const char *cmd; - - sql_settings_t *settings; -@@ -1221,6 +1222,11 @@ static int sql_auxprop_store(void *glob_context, - "Unable to begin transaction\n"); - } - for (cur = to_store; ret == SASL_OK && cur->name; cur++) { -+ /* Free the buffer, current content is from previous loop. */ -+ if (escap_passwd) { -+ sparams->utils->free(escap_passwd); -+ escap_passwd = NULL; -+ } - - if (cur->name[0] == '*') { - continue; -@@ -1242,19 +1248,32 @@ static int sql_auxprop_store(void *glob_context, - } - sparams->utils->free(statement); - -+ if (cur->values[0]) { -+ escap_passwd = (char *)sparams->utils->malloc(strlen(cur->values[0])*2+1); -+ if (!escap_passwd) { -+ ret = SASL_NOMEM; -+ break; -+ } -+ settings->sql_engine->sql_escape_str(escap_passwd, cur->values[0]); -+ } -+ - /* create a statement that we will use */ - statement = sql_create_statement(cmd, cur->name, escap_userid, - escap_realm, -- cur->values && cur->values[0] ? -- cur->values[0] : SQL_NULL_VALUE, -+ escap_passwd ? -+ escap_passwd : SQL_NULL_VALUE, - sparams->utils); -+ if (!statement) { -+ ret = SASL_NOMEM; -+ break; -+ } - - { - char *log_statement = - sql_create_statement(cmd, cur->name, - escap_userid, - escap_realm, -- cur->values && cur->values[0] ? -+ escap_passwd ? - "" : SQL_NULL_VALUE, - sparams->utils); - sparams->utils->log(sparams->utils->conn, SASL_LOG_DEBUG, -@@ -1287,6 +1306,7 @@ static int sql_auxprop_store(void *glob_context, - done: - if (escap_userid) sparams->utils->free(escap_userid); - if (escap_realm) sparams->utils->free(escap_realm); -+ if (escap_passwd) sparams->utils->free(escap_passwd); - if (conn) settings->sql_engine->sql_close(conn); - if (userid) sparams->utils->free(userid); - if (realm) sparams->utils->free(realm); diff --git a/security/cyrus-sasl2/files/patch-saslauthd__Makefile.in b/security/cyrus-sasl2/files/patch-saslauthd__Makefile.in deleted file mode 100644 index df4ecbb209a2..000000000000 --- a/security/cyrus-sasl2/files/patch-saslauthd__Makefile.in +++ /dev/null @@ -1,13 +0,0 @@ -Index: saslauthd/Makefile.in -diff -u saslauthd/Makefile.in.orig saslauthd/Makefile.in ---- saslauthd/Makefile.in.orig 2011-09-07 22:13:56.000000000 +0900 -+++ saslauthd/Makefile.in 2011-09-14 15:16:53.207259788 +0900 -@@ -722,7 +722,7 @@ - - install-data-local: saslauthd.8 - $(mkinstalldirs) $(DESTDIR)$(mandir)/man8 -- $(INSTALL_DATA) $(srcdir)/saslauthd.8 $(DESTDIR)$(mandir)/man8/saslauthd.8 -+ $(INSTALL_DATA) $(srcdir)/saslauthd.mdoc $(DESTDIR)$(mandir)/man8/saslauthd.8 - - # Tell versions [3.59,3.63) of GNU make to not export all variables. - # Otherwise a system limit (for SysV at least) may be exceeded.