cyrus-sasl-2.1.27-150300.4.6.1<>,Ibp9|G^lV(,9KU ߉yx3KXu >۩)ʝXNq\sz<͟W?$t>7rѩ dwn#E^Oӷyd5 gm0!_ =+A9.֧AС۲ s7޺7(:oz/N 3 \E y g(:  )]~xX޼} M.5 G̵:8hrAz".$T`iFX0槵K>E*?*d  ! B# 9Wtzu,   4     h  D l  0 h   (8 9D :* =z>FGHIPXhY|\]^ Q b c!d"e"$f"'l")u"<v" w(x) y)x,z*(*8*<*B*Ccyrus-sasl2.1.27150300.4.6.1Implementation of Cyrus SASL APIThis is the Cyrus SASL API. It can be used on the client or server side to provide authentication. See RFC 2222 for more information.bibs-arm-3iSUSE Linux Enterprise 15SUSE LLC BSD-4-Clausehttps://www.suse.com/Productivity/Networking/Otherhttp://asg.web.cmu.edu/sasl/linuxaarch64#Convert password file from berkely into gdbm #In %pre the existing file will be dumped out if /usr/bin/db_verify /etc/sasldb2 &> /dev/null ; then cat < /var/adm/update-scripts/saslpw.awk { split(\$0,b,/\\\00/) if( b[3] == "userPassword" ) { user=b[1] domain=b[2] } else { if( user != "" ) { printf("echo '%s' | saslpasswd2 -p -u %s %s\n",substr(b[1],2),user,domain) user = "" domain = "" } } } EOF db_dump -p /etc/sasldb2 | gawk -f /var/adm/update-scripts/saslpw.awk > /var/adm/update-scripts/saslpwd rm -f /var/adm/update-scripts/saslpw.awk mv /etc/sasldb2 /etc/sasldb2-back fiif [ -e /var/adm/update-scripts/saslpwd ]; then chmod 755 /var/adm/update-scripts/saslpwd /var/adm/update-scripts/saslpwd rm -f /var/adm/update-scripts/saslpwd fi @ ( 8 @   ` E AAA큤bbbbbbbbbbbbbbbbbVbbbb4880f50910ec9175d369faeaac2cef85ef6fc59a07503cd96dffe68039d01f185ce235937cd40b3a63fba453ce3b864848efe3ee4adc7add0db8d4951f140f44ae784b900bdbf517359bf3d95a61e73fbba8e870753b32f05bf6c92c4c05abb6e1ffc183a89298521b71f243126aa39a4e5af205916bee507ff6d424c61bcf4686c8ba3e73452bac3670baae771a72ba3aba20ba072aed6f377e78696fe71de879d083c12efd1b41c867626bec6968715df14cc45101caa5aa4a0dd58dd805986b135521c85c443fe23f59055f26b2032cb1a89c535f750960660adcf53d2984c9552e0587c43b2ec3d29d7242d30fdda3d0dc862e4cf9b23a6ce0f2d56636519d6e5d1632140a6c135b251260953650d17d87cd1124f87aaf72192aa4580d4b78f12bf65507f64978b7cd7feaa20a18d5caea491d226c9c0c38935fbe9cfced8dadac1f5c0dc87a4eb46e9558f4a613acb981dd52f8e6f0e503744f626ca0f0ea80324cf7a1ab202088019bf0fcdc2d0e672aa8be79f85c7bce2a9e2fe5fada9357843e3f54c262fa9d3b746686739a03c9a94c7be51b5731d5944f50df0b9blibanonymous.so.3.0.0libanonymous.so.3.0.0liblogin.so.3.0.0liblogin.so.3.0.0libsasldb.so.3.0.0libsasldb.so.3.0.0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootcyrus-sasl-2.1.27-150300.4.6.1.src.rpmcyrus-saslcyrus-sasl(aarch-64)libanonymous.so.3()(64bit)liblogin.so.3()(64bit)libsasldb.so.3()(64bit)@@@@@@@@    /bin/sh/bin/shld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libgdbm.so.4()(64bit)libgssapi_krb5.so.2()(64bit)libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit)libsasl2.so.3()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-1cyrus-sasl-bdb4.14.3b~a@_I@_j^;]߶\X)@Y@@Xg@XVhT@Tw@varkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comscabrero@suse.demichael@stroeder.comvarkoly@suse.comvcizek@suse.commichael@stroeder.comvarkoly@suse.combwiedemann@suse.comvarkoly@suse.comjengelh@inai.de- CVE-2022-24407: cyrus-sasl: SQL injection in sql_auxprop_store in plugins/sql.c (bsc#1196036) o add upstream patch: 0001-CVE-2022-24407-Escape-password-for-SQL-insert-update.patch- postfix: sasl authentication with password fails (bsc#1194265) Add config parameter --with-dblib=gdbm - Avoid converting of /etc/sasldb2 by every update. Convert /etc/sasldb2 only if it is a Berkeley DB- CVE-2020-8032: cyrus-sasl: Local privilege escalation to root due to insecure tmp file usage. (bsc#1180669) Use /var/adm/update-scripts/ instead of /tmp. Clean up temporary files.- Remove Berkeley DB dependency (JIRA#SLE-12190) The packages cyrus-sasl and cyrus-sasl-saslauthd are built without Berkely DB support. gdbm will be used instead of BDB. The packages cyrus-sasl-bdb and cyrus-sasl-saslauthd-bdb are built with Berkely DB support. - Update to 2.1.27 * Added support for OpenSSL 1.1 * Added support for lmdb * Lots of build fixes * Treat SCRAM and DIGEST-MD5 as more secure than PLAIN when selecting client mech * DIGEST-MD5 plugin: Fixed memory leaks Fixed a segfault when looking for non-existent reauth cache Prevent client from going from step 3 back to step 2 Allow cmusaslsecretDIGEST-MD5 property to be disabled * GSSAPI plugin: Added support for retrieving negotiated SSF Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF Properly compute maxbufsize AFTER security layers have been set * SCRAM plugin: Added support for SCRAM-SHA-256 * LOGIN plugin: Don’t prompt client for password until requested by server * NTLM plugin: Fixed crash due to uninitialized HMAC context - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - bsc#983938 `After=syslog.target` left-overs in several unit files - added patches: fix_libpq-fe_include.diff for fixing including libpq-fe.h - removed patches obsoleted by upstream changes: * shared_link_on_ppc.patch * cyrus-sasl-2.1.27-openssl-1.1.0.patch * 0002-Drop-unused-parameter-from-gssapi_spnego_ssf.patch * 0003-Check-return-error-from-gss_wrap_size_limit.patch * 0004-Add-support-for-retrieving-the-mech_ssf.patch * 0001-Fix-GSS-SPNEGO-mechanism-s-incompatible-behavior.patch * cyrus-sasl-fix-logging-in-gssapi.patch- Added support for retrieving negotiated SSF in gssapi plugin (bsc#1162518) * Add 0002-Drop-unused-parameter-from-gssapi_spnego_ssf.patch * Add 0003-Check-return-error-from-gss_wrap_size_limit.patch * Add 0004-Add-support-for-retrieving-the-mech_ssf.patch - Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF (bsc#1162518) * Add 0001-Fix-GSS-SPNEGO-mechanism-s-incompatible-behavior.patch- added backport-patch cyrus-sasl-bug587.patch which fixes off-by-one error in _sasl_add_string function (see CVE-2019-19906 bsc#1159635)- bnc#1044840 syslog is polluted with messages "GSSAPI client step 1" By server context the connection will be sent to the log function. Client content does not have log level information. I.e. there is no way to stop DEBUG level logs nece I've removed it. * add cyrus-sasl-fix-logging-in-gssapi.patch- OpenSSL 1.1 support (bsc#1055463) * add cyrus-sasl-2.1.27-openssl-1.1.0.patch from Fedora- added cyrus-sasl-issue-402.patch to fix SASL GSSAPI mechanism acceptor wrongly returns zero maxbufsize #402 (see https://github.com/cyrusimap/cyrus-sasl/issues/402)- bnc#1026825 saslauthd: :set_auth_mech : unknown authentication mechanism: kerberos5- really use SASLAUTHD_PARAMS variable (bnc#938657)- bnc#908883 cyrus-sasl-scram refers to wrong RFC- Make sure /usr/sbin/rcsaslauthd exists/bin/sh/bin/shibs-arm-3 1645520580 2.1.27-150300.4.6.12.1.27-150300.4.6.1sasl2cyrus_sasl_sample_clientcyrus_sasl_sample_serversasl2libanonymous.solibanonymous.so.3libanonymous.so.3.0.0liblogin.soliblogin.so.3liblogin.so.3.0.0libsasldb.solibsasldb.so.3libsasldb.so.3.0.0pluginviewersasldblistusers2saslpasswd2cyrus-saslCOPYINGsasl.3.gzpluginviewer.8.gzsasldblistusers2.8.gzsaslpasswd2.8.gz/etc//usr/bin//usr/lib64//usr/lib64/sasl2//usr/sbin//usr/share/doc/packages//usr/share/doc/packages/cyrus-sasl//usr/share/man/man3//usr/share/man/man8/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:22965/SUSE_SLE-15-SP3_Update/f31563e28dd2787f23e8d4a931ea78b6-cyrus-sasl.SUSE_SLE-15-SP3_Updatedrpmxz5aarch64-suse-linux directoryELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=4a06e13d087b0a0674ae7b58ae1bd3122275381d, for GNU/Linux 3.7.0, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=66d01a754a32c06ee0de27cdac7731f68552d704, for GNU/Linux 3.7.0, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=3563ff71e9b2b382f6b35ce542201ce7b1d30173, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=04d35dc80ae69f9ef974b52d0811d62d1815443a, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=aaae39cb0da2009bf4d604b1e5cb7b8413149daf, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=a10c216f9a46e95c7886fc59e9bf232f5b8dde91, for GNU/Linux 3.7.0, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=65dc87bd81414b2751be6e3fd8748097cf12fa26, for GNU/Linux 3.7.0, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=f467bf3ae88e85ff44c1bc029e2c2ae1b71c4080, for GNU/Linux 3.7.0, strippedASCII texttroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix) !'RRR RRRRRR RRRPRRRRPRRRRPRRRRRRRR RRRRR RRRRRR RR:-m utf-86e146773aec38b7881b6e76fd6d023c161924400039d50e35ab2e4c468aba62c?7zXZ !t/;O]"k%a3[,Zz@b972lv. C`vYuH^Lc>Dި)%/ZTi!(s?PvI/ro ;IDžMF/~H{=Lԧ_!s̈́OrzʨR^ֺT8UC "@ɼё\j^0~n Ct"/SjX4㸷UTQK ^*h+UG P5qtz%es`:n0ӥ2(#D.]b#D8yv˭E}Q4Q:E.#r B>nt:Gymk_lvHw[ 4x_vc- 0{eB@ډ mp!r [N,HB[H"نheG#14hՀ7ޖ]^~cgb=`\ѯl۰TCj{!Fρ?Tր&EbvpZIY%XZtAtɮ@3 ߈-ae1,} 4ӒF*޴ÿC~ KխW?%ne G{iH2|a%8ahEXؼ|!uH%` a2-ؗH$ LVZ;R6`$`L`~}{Z48Ɛ@@Y"hi:S#طnԕ'l򶖀=7*L+X涅v tfa=f($*n (mډ5XjT@&=0)Yi ts5*5lXky9I{"IGAgpSdVV zpOG,m.l>HMvV>{xZZ4/T@ Bo&see xc>\) 2bAejY+ڗ L;n/ۈx5[qC &Oպ.(Pi/ ~dXv@]F}f${lC.mӲKx 46 н;LYL'hctx(IOyc1Y!%QMUu5SJGbd-զ&/ѻ/.6_qkg4vn2~F}4At/%.v3#7(Jc00xgdʝ˳1hưpx?ބN(y,(ϦN .=k8; N#[-6KT^BqVRr68L:Z!rb$& Cd?JoHC:$C/Gs:u\ev!¬`&OUTsr:lsyx>\ϗobQD*"ۂn(?$jD9頪Ƌ%җHoJ\tfxդKV-IT>lI7hÀo|m0+c<*~4QeJ01L7)<Г#@T@ŬJ1n3Gω|A,cxѕ;֦tfhH.ГddȆ-"xWܳvzcx/*:2Ĥ9<c'Nن@X/k~y/~G|>`$@dl6=`7vZ6]:5>O@P;g.>:K[I>I΃Aߢ" O ko$xxdrr_BZf>&6Jt\wr+y]+d%$ mm֮n?c#Ʌyj9)7K"@|7JHN[f. Zܲ=Lj:&lah ipZMhHs;՞ _bU-~ ܻߌ!_'_XdvV"v [rVn)XA&,ajAXz(2Dps\GE9ǻ=ĬE"ԁ5#ܱ9d.k;^R=@Tض\ ԽEUL_ {=de/˱G}2X!&Y$Tzz1WׇJWiH%Q_U[]Q;MBv HwZieNgqQ߮fk_7 )왐bsXQAc3zMR[j[lt_ذqzSHЩ¾8M**2UM$toKt!Mi)/1H _ry(g?BHP-@a3JٗY}(N440&}IP}/):ƥLo}v800s1CHe)P4^RYv j ̾WQ%CqyVb.LP_ePw#˴LT+V<9->Tς[(BA%ԮfDŐߠMm2Q̣`mDtCF cMOn64uq_?J=!+fp|(~΃lNNh -e9(9DRƕOXa8O.Kl@p?\䡪ۂN `*n|_]Nvs%c̞ǡOItӥ -NtD[z|B`Pei9P*-V_m x?() f1) gZ낈 HEn%5[:rjkقXNÊS.Wc0ҝfD5EGu 7)K5t/czuHӡ`;r'0 IbbtjI{ HqqQI,{T1yMcgPONmF8!7jqTpR,̣ڙǑg-O1 BphhZMI尜C24J8q'3bmoj?ulL֕V:Be!TšG< arQizQ6o0٥pٕ0d?OU3/-خ_YF7dś CÖbpS@qi"m%P?m`tXcoM=󯔖%Zr3pC8M#D!,8&AN u}8^f^RQzFOBL\u-Q?L=-CrV\F f= p$;$vSddd^Lc[lDI2Y:_c&\)|J m`hSiL>1rޖO c$r׆'2TTGm1w(cyM1+?}1`gnPL7ILc B # Ag%-Y\g2 'py"Fq&=p 98i̙|ey1-፬ lp~OQ2cvO=ƀ)S3>int-@Y%W0vA yL5_kLB$je}#`\>ATBTF[c'&O׃vn䲊O3`|#\n$3!D=/y[=hL3P88[0 2}3=6?Ww%)Cug&t7[* +N3 eDq`JtxXzBC}mnnN7$O~>j/p{cPYyS?N!L^ImfQqf|\NvF Q*A !& Pg'!Mv>P=XOiErk9Cܝ/Ui=DO;TѳiDŒ0,%Rtm[i%ܜz͕pT1|En[D  VZevM߱]WRn7vOe./qẢTyw$5cc@4z@RGÈM D ru>8]&Ȑ2&ԍ@hmr Bpl̸cPm,<"]mCwL zrxH_lH?|ۍr* JY(* A6d y`ӘuXyGƤ "z=Hiud1hvL-U UݚO@1'oa)\ 8 :\{q@:MܹxI뜺\RHkUY^JhI(K^J%^Ծ< HB#G*j@%`?1឵hXiA!ƥt≼źzNI?ElBn\4D\uQO$Y鿴j[6h<®$8,5m'36SR3!{ mkucӒ&ֆ!%ѿ}73;&˃F=$z҃uQQ+tǬhauAA3.a/ww[:6 j^m65 t6lk4ʟJkΖ^ ee wV딱?_sW[- h_\i~Tm\aB]Q }-4_t@:̟d䘼,6k;M5IP/ 3"=Aڜ5^K@jտoZ\%@Y\rr2U/ !ܛUz`70L)*G_y&ɮI]_4%#H@L7@ {Met08WAC lP`EEj]2ى$ʧQ6_VCǮ*@9>3O`EάhTK45wz YZ