cyrus-sasl-bdb-gssapi-2.1.27-150300.4.6.1 >  A bp9|* +2]9.wUD֧M 5 ˘H# IT'tOƩ[i Xǯjm+]hD5[;D8\Ų:_ .q)]jCL(@=-tE%>Z%݅BuwTJk3 B$ne]Gv[C|k>{Χ'7_n{`Qgs7(N +ʚRIDR`>82c85b0c17e65bbb0066d57519b428ad95c47873a267602375e5644ae18c2e1d4d42a11619a00f161215f5f7000c42b3d5dc7b1eNbp9|4$6"@ oa[_#+Z3mX Rp~<$ƹr*ժtfԩq`WwMM*Ȓ R b4Z;q`)Xv:uz֦EoEWǸ(gmב U=7fI9m^F6f< oF "e`r}^k5ȷVo [ ZT|ŒŁj$OcLvRll9+J<E+%k60` >pA?d , Q:G ]{     HXl 8 m (8 9 : FG8HHIXX\Yh\]^bcd/e4f7l9uLv\wx yz8HLRCcyrus-sasl-bdb-gssapi2.1.27150300.4.6.1Plugin for the GSSAPI SASL mechanismThis is the Cyrus SASL API implementation. It can be used on the client or server side to provide authentication. See RFC 2222 for more information.bibs-centriq-3 SUSE Linux Enterprise 15SUSE LLC BSD-4-Clausehttps://www.suse.com/Productivity/Networking/Otherhttp://asg.web.cmu.edu/sasl/linuxaarch64 Abbbb8fd397f13d97d6c42d8421ce058e572668528ed8189c296349a4858dccc4a429libgssapiv2.so.3.0.0libgssapiv2.so.3.0.0rootrootrootrootrootrootrootrootcyrus-sasl-bdb-2.1.27-150300.4.6.1.src.rpmcyrus-sasl-bdb-gssapicyrus-sasl-bdb-gssapi(aarch-64)libgssapiv2.so.3()(64bit)@@@@@@    cyrus-sasl-bdbld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libgssapi_krb5.so.2()(64bit)libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.1.273.0.4-14.6.0-14.0-15.2-1cyrus-sasl-gssapi4.14.3b~`7@_j^;]߶\X)@Y@@Xg@XVhT@Tw@varkoly@suse.comvarkoly@suse.comvarkoly@suse.comscabrero@suse.demichael@stroeder.comvarkoly@suse.comvcizek@suse.commichael@stroeder.comvarkoly@suse.combwiedemann@suse.comvarkoly@suse.comjengelh@inai.de- CVE-2022-24407: cyrus-sasl: SQL injection in sql_auxprop_store in plugins/sql.c (bsc#1196036) o add upstream patch: 0001-CVE-2022-24407-Escape-password-for-SQL-insert-update.patch- Fix build: Do not build libsasl2-3 in the bdb package. This will not be linked to berkely db. libsasl2-3 is now defined as %BuildRequires and %Requires- Remove Berkeley DB dependency (JIRA#SLE-12190) The packages cyrus-sasl and cyrus-sasl-saslauthd are built without Berkely DB support. gdbm will be used instead of BDB. The packages cyrus-sasl-bdb and cyrus-sasl-saslauthd-bdb are built with Berkely DB support. - Update to 2.1.27 * Added support for OpenSSL 1.1 * Added support for lmdb * Lots of build fixes * Treat SCRAM and DIGEST-MD5 as more secure than PLAIN when selecting client mech * DIGEST-MD5 plugin: Fixed memory leaks Fixed a segfault when looking for non-existent reauth cache Prevent client from going from step 3 back to step 2 Allow cmusaslsecretDIGEST-MD5 property to be disabled * GSSAPI plugin: Added support for retrieving negotiated SSF Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF Properly compute maxbufsize AFTER security layers have been set * SCRAM plugin: Added support for SCRAM-SHA-256 * LOGIN plugin: Don’t prompt client for password until requested by server * NTLM plugin: Fixed crash due to uninitialized HMAC context - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - bsc#983938 `After=syslog.target` left-overs in several unit files - added patches: fix_libpq-fe_include.diff for fixing including libpq-fe.h - removed patches obsoleted by upstream changes: * shared_link_on_ppc.patch * cyrus-sasl-2.1.27-openssl-1.1.0.patch * 0002-Drop-unused-parameter-from-gssapi_spnego_ssf.patch * 0003-Check-return-error-from-gss_wrap_size_limit.patch * 0004-Add-support-for-retrieving-the-mech_ssf.patch * 0001-Fix-GSS-SPNEGO-mechanism-s-incompatible-behavior.patch * cyrus-sasl-fix-logging-in-gssapi.patch- Added support for retrieving negotiated SSF in gssapi plugin (bsc#1162518) * Add 0002-Drop-unused-parameter-from-gssapi_spnego_ssf.patch * Add 0003-Check-return-error-from-gss_wrap_size_limit.patch * Add 0004-Add-support-for-retrieving-the-mech_ssf.patch - Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF (bsc#1162518) * Add 0001-Fix-GSS-SPNEGO-mechanism-s-incompatible-behavior.patch- added backport-patch cyrus-sasl-bug587.patch which fixes off-by-one error in _sasl_add_string function (see CVE-2019-19906 bsc#1159635)- bnc#1044840 syslog is polluted with messages "GSSAPI client step 1" By server context the connection will be sent to the log function. Client content does not have log level information. I.e. there is no way to stop DEBUG level logs nece I've removed it. * add cyrus-sasl-fix-logging-in-gssapi.patch- OpenSSL 1.1 support (bsc#1055463) * add cyrus-sasl-2.1.27-openssl-1.1.0.patch from Fedora- added cyrus-sasl-issue-402.patch to fix SASL GSSAPI mechanism acceptor wrongly returns zero maxbufsize #402 (see https://github.com/cyrusimap/cyrus-sasl/issues/402)- bnc#1026825 saslauthd: :set_auth_mech : unknown authentication mechanism: kerberos5- really use SASLAUTHD_PARAMS variable (bnc#938657)- bnc#908883 cyrus-sasl-scram refers to wrong RFC- Make sure /usr/sbin/rcsaslauthd existsibs-centriq-3 16455208132.1.27-150300.4.6.12.1.27-150300.4.6.1sasl2libgssapiv2.solibgssapiv2.so.3libgssapiv2.so.3.0.0/usr/lib64//usr/lib64/sasl2/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:22965/SUSE_SLE-15-SP3_Update/d4cb4470d050342a6992a1eb94612c2d-cyrus-sasl-bdb.SUSE_SLE-15-SP3_Updatecpioxz5aarch64-suse-linuxdirectoryELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=4395c11d0c3e10ec1bf4893f9aa7b1052fb724bd, strippedPRRRRRR;]#;T8& Eutf-84a83baa5de78e0eed61e3c3540d3d49936b9afb9a3c55a8107239b9f1b7b1b1a?7zXZ !t/ 3] crt:bLL ɳ+o "_cf(Y;pjKn@n5e0!eھ* YA/$yCBN%Znٷw2_#;tx`j hFgBPb}@ SwHuʼnx(lZggIRazAB$6lЂ & -\ CSh йCP|^1s%wζiOA¼`ȅR'xӐvŋ)~Z턪㢫燌r~Bv#A' -)Ǭ}4qw3HfDI8M *7݁g'"1M(? q3__Rs1 I<*i"I @c z7 ɧʂb~%./cB)]-pH*hўP,tTOB+Ws΋f.≩'޳%MݒFC:`5o'X7 nv=/&z$_#PTUȶ?uz#㕕w> N My7#HЉ6zLTj(73D5H2U?x֔M ;V.חq<` &$sY<6U{|=Z~i ֣<{% 'lF>;.IlGӯ&Ow6ߏUxT<AIfA i(A_C*+{גW7 x2eQ  /8$h[kgifYI9rjG.Q! 3I@؋$xSn i5UzE;s6}Zn:(2P˾,;^Q֮сk`wJ¼@R4B?4Rqpl'WI_%ޟb(X806bSgOPc|=f$#J{e~>+(G1g&BbYۗK rS<} TY] p ""W…\NϧU$A@%PSS8.W[8֏]ߵwFla(#|K9h6).I9GN0>T !ѕw3xJ'/AR]5J'bI0BI 0AVzd`e *|Y^KBhM>5ͽJ K1I-Dpz6HcUFnԅ:pW@#.luҶWI4T2EKkXxO0n H*DCokߟЬwiU-s;v6|"3YTIY{=pқٱ){1L|[o\x=JLs74 Q%S@t]};z; ɢR&AsOZja;79>.@Sң*B–o$r y $4aՃt(L&7śP IJxKݤ^`ia[M f z!@ֶQ~>0r&K 뤍I.Q O1gءM;E/j[:qFV#d^V 24Gߠ?ПAQ{V^9dGZȹCTA_jKXiTe3W(I5ӚVVb:SHz:_hLS> uX2,GTp/~;V|}r@ Sqg,E⻍ʴ1%\bGƟUn=E{"ZB#[6 dJT}APEasJR"{lej,-@,&vtqy`Ȼ"4=@m0ek3'I~+_ /jG7X$"0`|$Q¡Meᆺ j.}oSuEQBy˺vЪn1~;R(V3MMEƐE`Gs0RR Ap91)6\=NNn֔Kw꛶ki?׼n#׏,<htBlkk7~@H 2E]9ҊqVX_gڽ0#.ėu .Y#0OgxO8?\/Z\Qr]LP!_NxWѩ! q2sk&rqN'u9z`!4 fK:g V:+hX\E~Cz BA2wǖT'ǒ\ 2vuVs<&Q \i6b- WQ^)<=Z I[' 75Y ''b&[2rڋ&5mqG[hrJtힴumvǜEVc|ɜ?d,zmIW;IPiFu(l+; 7(Bt!1oҝgWZ< Y@4Qĸ3 "*4kE;E[aniJ,$`@&}%%K4%{zB̅d7(.|$N+ _ pP9Gy8W 9}tyOyj'HToOŽkۆ2<ДQҦ֗}#2. QsbYۯ0!!jth?r,H%L{úې sP(gI f5hb9ACxbBŠdoha 7 (~;|b'Y=KQ`!q:{Nx[nv<34ʀnO%+I$ɻxy.9տKjf[՗iIJ;>ݍG8rl lMVkɦ/1;A ljՐyeN^0_mU9^\ 3 tlyP0i &<)(Wl Ic3)vkR| VcU(p-5U!;*Y@WKvq<.Q@wYj ,8N {yfM?-v&rU dGpq'$65U o*`p!uitCe.~V0y &njԘ H!+5PܱjuȮ[,NjmT-3>fXJ( SpXXFѶ<PHZwbP#'>'YmGh- B`衡a7’it*f} PMY7ij|+A[Ɨ#blX˚V)*sR3n;n̙Bc&L) vz!A\B'^!s[|bR"^{uOlgr>t.dxPCƻ~1'IEۑs #:!Pq /h$2E5tC5Mӏ;f:Ț1Rt#!\, I"$j+ͯPz @%֧{zfB]<3-z$1tn~=o)ئsyyf[6֔E*rN}\CDomew=["9; H ^? ^XuO TK=`>q#v kЏ:_o+7slD2'/jP}Gmil3;aRj,W>Ou8*vjJhY#RH&QN.;…hAT9;fAR9}ޣLNBlv @{c߇,4*D+L\" `GUژ_Rƍf!UolW}KxT|0ǭ`;&tXqfm?׭r~\qተpGlx@swt (5g9TA~$^8=1 f-)U7C .ـYlo&NnƊ;i,=/哽֩ιդ'T*vr'68N8ʙNęDi#6(- SHLܲӢkjXuVYTRG#Mv\tb3#x\[ CPК劊.# U0yΑ3C2ܺڤ:51& >neV6'WA^]Y`;mgEDdPz,^g?|@YBKn<~sظ҈ ن+d nSv~nNGr0|c> |v=bZ:.0̆ UjY}S8׉!bZxfJ5hm3NdZ&12!0ğ MS4&F4 P/ &94 fä.w"kxrg8pB sҰIlbQcrt~V!Du @; y!` Ϭ D:4ʷi>C~[Z,LDGNSyrDϙoiƫ/A+_ ~Xr NcS18CQn{(Nd@ClVq8aDpeTunXG2e{i;}3p遇s7VZϯKeGX%X&aN=3aOPb̪d+1e/.MS|xjcCA|;l`B?^3mXlsJn!xQI*Tҫq#ˆ 6 n(T4ZT8gMk4FꩄOgeu9 ky9i#)p9[( p]a'{w .*$&_gsRnħ<500O6WŰ}?64';}7 pě*~) N4P~Jyc^H`p[$ޠ5zc|xli_H ozI_$"/tZan #@|<ᆿW vy/֓=3CQHb YDExbT|sPzL_]Ӟ9-(3QOݴ8rI+mjWô}V ԱP{"{o(7aď@i.9*Q>fn@l׷+y`ێ ٻ1ۘ80 uɎ%#$L7]1H#41- RaCOL7.m>աLO5?p@ 0,AMve)bQgۋ ǠCˌ`wp2F5F6GXT8#pzqu$1<82\@YMiƧĜq5"ుw62ʀ_McE=HB#=|5I{Mr/ †0$ݧb ;Q}m93\dzn uV@mfF!o ǀs7 -ReXbo"9f!YB^c_jUm-+%Fo%C= FiR*nh+:~FTWI~~n ke#7IՇTf|FF#>c9/i;Y䠰W/ҍXW R. Is2d#vckroSoln~?yk5DFIF"؎c\kjxbaR=*M G_ |Ş;bik=\kU^JA]c ? L="⠆C˘gJVG َ鲳}U`:T-#|3j\aF}m*tLJr)V8eFYw$&֖ž QPCX7mw~S"έI:BPg_mKۄJt(R'(00Ćά7WtZj0j~d(<<2:5,M!6`%>/Hyj#^S kE#TZYIR4 d9M|JT}fhNGU,5`S)֛.fQnVۄqI1`Gβ  +gC:;:}6J,hhE(hîI!~|7ԦèK*ݣ]?!ee_ `Ԭ=&:XveAYFܭjg,`㜌G:(P}ت%԰JtX[܋@LYiśvj-L#,?h*0jU` !\s"66s)e]a5KI_4ia#WrnuqVn$jWE[XA9 p1w;:\(/NhėRolz1SDO/EhFuvoʥ72r= .Y4A_uݒο E7B(:䆳2!$Q 2ȴeu S>M:2>ɮ.M.z0l={/p iV$!'. ʅxQzqd^QcYm`Sb& (ʿ<7Nئ"OH:9Du\͎> v课Ǻ܏D"u p*j-Xoxл !2J#6^n:/ ?77-A0PSP8 fYD{ C\N0)/m^ `j~<ɄSj׼iȪߛq4{"RAiC.j(6#B.}( gQ01շB3X{c (t1Ot7@C3רΝ68e$ǟп_Z7sXɆykY( DTSק]6 שsbDj'p3mvo1Q MPS;74x ҩf%*3^ E[ 6Aٝ ЮkD<4]"h\wo -b&G{qßF+DS%@>%G:]oX8^бRpŻ ; SkO4!Rvx}S]{ OWiI,̥U^0O󫳶$iUCv5bM4Өy!8RCϒK.5q9>{F$M2~*>{U;Bݮf~+ޞrhWIŠhc`?;D#_x7]fogi%ꌃIъ; bzQd@Y\.)ݾd: ңY.XxoTXWW*G:_F-cSdaAF.:5xe͕Z/sKmqjӠۢvr#E(Tӗu t Ρ |sD|{7dʋ93|aݘ@Sm>F69s괄ŧ83/ҳ虨EZ*Jx޲,%bG(mU,rH,8yL Okή7&\c8rh5NMlL Fx}a)gg 4،]G%3DRBDž<sGY{HOti3o F-b/ we|/x8x7hJs;pΘ ;1}99/Y_y#[lf3˷]ߔ`eYi]!~_ӗb^d{8i%L>$:7 Wf՜ f[.XmL䦤D=tmVT @(rJH Hjʈ 쭈>5NԫL8k'ǸHm#itxwF&C{z"hqxDbط6 j|Mp\׈IT}R04`A 9OO>h'Z`nd kP*^5igS]RŞe.4ܴy`ܬ~\J efG [k@Jpv< =͋ ΀=V$opN|ǣBࠗ}]%Xp+*ء !a5M_)] Dl T=$T?ps5o#jQb 9$N[&jB[S9Ք? ugWmz!gj{sč^8kIc~þB ŨrEE2ADu@c4ܵ$VJ/j'cT 8ݜ9m s4H]T?ꛂ}τ}F[-Xtۻ-Q6'xtFbhLtJc Qڬ }p9؎)i|󠽃zoiL^Qə`U*ZBФR0yJb|PHCmǎk ¤m(::InGO' #Qi@VAѼXy6w ^O10pEߗXE Ca%FܚoEߝ"JBL[k;ig}ymddqt!䅆6Q-dXG#,~-{M|VBџ)jRqiH$U& 5ZryzRLD-e" ,磤BǑI9TlhV׸P~lYutQɰ{ ,⦈un!꜊x_r7{(Y \O+WL q?6UwNjWIؐ)+|=8hhdrRk4apQ>ie2ܗb2- 0 [z ޟYf H 4h؀Lh2E9" ̘<+ٍfKE|w<~^%ycJE_7}zD~ߜgŠQʰp](t/6DK$n,<'Oi0B8NH#h ά,3rBkSnbCißsɕ1ǟn;:JO˟ײ=ca\D" Vs gVĊsmE>w :||d 'A[pm >XOo>0ƥһ[Kc)UM~H `ف^@5y=|{u)A -: 4QiDhDQ[v*.a€l.aȢo|]de>k*:̧kt WfP *|dC_c"Dj龺xk=953G?aW |ԩqSnb*an Xd5 w X+D^j#nxI[eGm %@_eWl&PZ LEaH`Z -(9j}>~y+m lߙ K.2v Cަ8QO-} cCյM3N\ij-д<"y%P_A>9|NX]Mg\+, X`LH ߵ(ǽx V)c +|}<^tM9=Dnղ7ޖB_&L)EjfۓK?M.uɆ:КCL7 #/`밴") :L,gb}@%r1zlg1_Y YZ