cyrus-sasl-2.1.27-150300.4.6.1<>,Kԉbp9|W9Ql, s*1{jۯz~q`?;k=DŠ7v13EĎE-뙝] HIiNc2T<];c?L[섀W$SsRUB52R1&qw@$FlΛ`ipD,i@K~X*e7P-eCr#N6˶3A\Nusa+?Kٚ췕ā5{7h?B8R>E*d?*Td  ! B' =[x~y0   8     l  H p  0  `  {    ( 8 9 : =&>.F6GPHIXY,\X]^  b c!Jd!e!f!l!u!v"D w(x),y)z)****PCcyrus-sasl2.1.27150300.4.6.1Implementation of Cyrus SASL APIThis is the Cyrus SASL API. It can be used on the client or server side to provide authentication. See RFC 2222 for more information.bibs-power9-13i]SUSE Linux Enterprise 15SUSE LLC BSD-4-Clausehttps://www.suse.com/Productivity/Networking/Otherhttp://asg.web.cmu.edu/sasl/linuxppc64le#Convert password file from berkely into gdbm #In %pre the existing file will be dumped out if /usr/bin/db_verify /etc/sasldb2 &> /dev/null ; then cat < /var/adm/update-scripts/saslpw.awk { split(\$0,b,/\\\00/) if( b[3] == "userPassword" ) { user=b[1] domain=b[2] } else { if( user != "" ) { printf("echo '%s' | saslpasswd2 -p -u %s %s\n",substr(b[1],2),user,domain) user = "" domain = "" } } } EOF db_dump -p /etc/sasldb2 | gawk -f /var/adm/update-scripts/saslpw.awk > /var/adm/update-scripts/saslpwd rm -f /var/adm/update-scripts/saslpw.awk mv /etc/sasldb2 /etc/sasldb2-back fiif [ -e /var/adm/update-scripts/saslpwd ]; then chmod 755 /var/adm/update-scripts/saslpwd /var/adm/update-scripts/saslpwd rm -f /var/adm/update-scripts/saslpwd fi H 0    h E AAA큤bbbbbbbbbbbbbbbbbVbbbb3089e55204708c44538ec1aefe9d650d34fc5e2a684369e03b60a9f724819d284c546a3e963ed27ad8bd6b0b3005b4d1fe53e07530030f33e5e864c44f9248388aaa8ae8298d208760c17166917f6a1e04f0866120902f8515a3dc1a0b3f27407ca237ba8eec209d98dcc5c0c7e44ed20c5cac13b01fcd85731d00299d724b9209bbb10c02765e2ee94d290f987f91fd544a4338acfdaaaee4e1c58b57efc1169155ae57e4b1caf261421dfa179b1817bc8293d4964baf26ed8f7b3768061ac15fdd08ab09ac0463cdb2205c10a3f3ab0e3f6c760235fc916471e8efc65681409df3a38f4d5efca53373b43074177af8ff4f5f6dbc3b439497fb934e11abccba9d6e5d1632140a6c135b251260953650d17d87cd1124f87aaf72192aa4580d4b78f12bf65507f64978b7cd7feaa20a18d5caea491d226c9c0c38935fbe9cfced8dadac1f5c0dc87a4eb46e9558f4a613acb981dd52f8e6f0e503744f626ca0f0ea80324cf7a1ab202088019bf0fcdc2d0e672aa8be79f85c7bce2a9e2fe5fada9357843e3f54c262fa9d3b746686739a03c9a94c7be51b5731d5944f50df0b9blibanonymous.so.3.0.0libanonymous.so.3.0.0liblogin.so.3.0.0liblogin.so.3.0.0libsasldb.so.3.0.0libsasldb.so.3.0.0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootcyrus-sasl-2.1.27-150300.4.6.1.src.rpmcyrus-saslcyrus-sasl(ppc-64)libanonymous.so.3()(64bit)liblogin.so.3()(64bit)libsasldb.so.3()(64bit)@@@@@@    /bin/sh/bin/shlibc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libgdbm.so.4()(64bit)libgssapi_krb5.so.2()(64bit)libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit)libsasl2.so.3()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-1cyrus-sasl-bdb4.14.3b~a@_I@_j^;]߶\X)@Y@@Xg@XVhT@Tw@varkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comscabrero@suse.demichael@stroeder.comvarkoly@suse.comvcizek@suse.commichael@stroeder.comvarkoly@suse.combwiedemann@suse.comvarkoly@suse.comjengelh@inai.de- CVE-2022-24407: cyrus-sasl: SQL injection in sql_auxprop_store in plugins/sql.c (bsc#1196036) o add upstream patch: 0001-CVE-2022-24407-Escape-password-for-SQL-insert-update.patch- postfix: sasl authentication with password fails (bsc#1194265) Add config parameter --with-dblib=gdbm - Avoid converting of /etc/sasldb2 by every update. Convert /etc/sasldb2 only if it is a Berkeley DB- CVE-2020-8032: cyrus-sasl: Local privilege escalation to root due to insecure tmp file usage. (bsc#1180669) Use /var/adm/update-scripts/ instead of /tmp. Clean up temporary files.- Remove Berkeley DB dependency (JIRA#SLE-12190) The packages cyrus-sasl and cyrus-sasl-saslauthd are built without Berkely DB support. gdbm will be used instead of BDB. The packages cyrus-sasl-bdb and cyrus-sasl-saslauthd-bdb are built with Berkely DB support. - Update to 2.1.27 * Added support for OpenSSL 1.1 * Added support for lmdb * Lots of build fixes * Treat SCRAM and DIGEST-MD5 as more secure than PLAIN when selecting client mech * DIGEST-MD5 plugin: Fixed memory leaks Fixed a segfault when looking for non-existent reauth cache Prevent client from going from step 3 back to step 2 Allow cmusaslsecretDIGEST-MD5 property to be disabled * GSSAPI plugin: Added support for retrieving negotiated SSF Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF Properly compute maxbufsize AFTER security layers have been set * SCRAM plugin: Added support for SCRAM-SHA-256 * LOGIN plugin: Don’t prompt client for password until requested by server * NTLM plugin: Fixed crash due to uninitialized HMAC context - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - bsc#983938 `After=syslog.target` left-overs in several unit files - added patches: fix_libpq-fe_include.diff for fixing including libpq-fe.h - removed patches obsoleted by upstream changes: * shared_link_on_ppc.patch * cyrus-sasl-2.1.27-openssl-1.1.0.patch * 0002-Drop-unused-parameter-from-gssapi_spnego_ssf.patch * 0003-Check-return-error-from-gss_wrap_size_limit.patch * 0004-Add-support-for-retrieving-the-mech_ssf.patch * 0001-Fix-GSS-SPNEGO-mechanism-s-incompatible-behavior.patch * cyrus-sasl-fix-logging-in-gssapi.patch- Added support for retrieving negotiated SSF in gssapi plugin (bsc#1162518) * Add 0002-Drop-unused-parameter-from-gssapi_spnego_ssf.patch * Add 0003-Check-return-error-from-gss_wrap_size_limit.patch * Add 0004-Add-support-for-retrieving-the-mech_ssf.patch - Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF (bsc#1162518) * Add 0001-Fix-GSS-SPNEGO-mechanism-s-incompatible-behavior.patch- added backport-patch cyrus-sasl-bug587.patch which fixes off-by-one error in _sasl_add_string function (see CVE-2019-19906 bsc#1159635)- bnc#1044840 syslog is polluted with messages "GSSAPI client step 1" By server context the connection will be sent to the log function. Client content does not have log level information. I.e. there is no way to stop DEBUG level logs nece I've removed it. * add cyrus-sasl-fix-logging-in-gssapi.patch- OpenSSL 1.1 support (bsc#1055463) * add cyrus-sasl-2.1.27-openssl-1.1.0.patch from Fedora- added cyrus-sasl-issue-402.patch to fix SASL GSSAPI mechanism acceptor wrongly returns zero maxbufsize #402 (see https://github.com/cyrusimap/cyrus-sasl/issues/402)- bnc#1026825 saslauthd: :set_auth_mech : unknown authentication mechanism: kerberos5- really use SASLAUTHD_PARAMS variable (bnc#938657)- bnc#908883 cyrus-sasl-scram refers to wrong RFC- Make sure /usr/sbin/rcsaslauthd exists/bin/sh/bin/shibs-power9-13 1645520564 2.1.27-150300.4.6.12.1.27-150300.4.6.1sasl2cyrus_sasl_sample_clientcyrus_sasl_sample_serversasl2libanonymous.solibanonymous.so.3libanonymous.so.3.0.0liblogin.soliblogin.so.3liblogin.so.3.0.0libsasldb.solibsasldb.so.3libsasldb.so.3.0.0pluginviewersasldblistusers2saslpasswd2cyrus-saslCOPYINGsasl.3.gzpluginviewer.8.gzsasldblistusers2.8.gzsaslpasswd2.8.gz/etc//usr/bin//usr/lib64//usr/lib64/sasl2//usr/sbin//usr/share/doc/packages//usr/share/doc/packages/cyrus-sasl//usr/share/man/man3//usr/share/man/man8/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:22965/SUSE_SLE-15-SP3_Update/f31563e28dd2787f23e8d4a931ea78b6-cyrus-sasl.SUSE_SLE-15-SP3_Updatedrpmxz5ppc64le-suse-linux directoryELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=181530ccbe9dbc109fe8220df26fd6c282e933de, for GNU/Linux 3.10.0, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=1f7b15a43232d75cce7778c4ce804101769914bc, for GNU/Linux 3.10.0, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=d57217226524748722caad9b61a948f5b7fd4d26, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=a3920e92a3174ec78629b38691b83dd4cccbfe11, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=65f68ecd31dfcca9590ec3511a8d6605e9ad40fc, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=fc7f8408a29d0c98f88f3f575e308f24bb04c213, for GNU/Linux 3.10.0, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=97b03cefb0e03b7580ca51ffb4dfd6017c096781, for GNU/Linux 3.10.0, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=ffed8416ab3b844c3c0255dd78622390dc53b353, for GNU/Linux 3.10.0, strippedASCII texttroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix) RRRRRRRRPRRPRRPRRRRRRRRRRRRR]H utf-8c63e26702a1ee15a2344fac990e655c3940cb29a4bf86b69ad399a5d28807634?7zXZ !t/C]"k%a3[,Zz@b9Qragآ-=Ѹɔ S ٫"aBdz^Aa}R"~gMRqr,ˆ#&_w@/RAݽ1zK#V'?j)!?ߧR2 ^cU`/G{i7vBz?e2e0$v ![N?IHP~0=ۄ/3oIWʈZ%P#久Nk|a]x #GoiGKIɇNWPQ9m 8a)EBۖc :>,;].dZP^zDn:@?p!mvDr HdiIG<*G ndb3@478ʘ{(F$(CIRB8C2f >eL'2%'O 6q0 1ů"'wK\ JSYXN3HCK-сjR)˖#{SZe {sbrx1bai\/v_@t׆UpEX'w;AXJWf3p}F ٠OgEGƑ(x9m?r_j|ϾDkt\~X Ѡ)±¢mLd{Rg!:]V?CmE,]/`@`^X7=Jđ- Y;I|j"Р2Km_q^8Ehn_7D)5siӅ,>1,J Bw_TKXGȡ&:{цuCU,RN˅ I߳?'{< .n6DM3`]:Yb u(ނq!IDc q~;&>$HXgZԲ]#`f`-S\K¨Af,UNnyG䗕4pOjH,kxRk̝ q=ք6a ag[>&Z0CDeg׊oX;g!vD70'T¯=raBPG)EK nUOdds+.kl+?G]]\IcBS?a eX/|.8B?5 nBUI|3*38;r{jBsDji'S< s.jXhipP7B=sc-^hS4wc{JH\~,å0:u$'DwPy`\s]#6 N&a]uEU%{B߼4+e20`2O8¯ 5未rF!p075_:G9lLsjiqȳ܊P] w[[n(:& 9l{^rl dxZk!2ϩ1:љPЁus>msU,3n_0Ooͥ4Yt tW<K6Kzŋ >@דvLRX 4ΐJpL9' ebic[ł+#'C_AF|L&ݘj UbjÎL;+?A سɊM!f $HTOS(='{&VupoB{X޾g龗@@AзnWzgF5sÙ[نCΡHG{1qH_L*H2)׏$ᔈ;ԇр[$.+$Dmp$+/o?J)ʤUPIxDaGOU֥)S z[эMD׵Np,z[T/LZ# L7uz~pXQfQC֑ 4("@XٰN # GI\TMbc[Fk/qPÖ̞2]e*fT2=_ʞMU> 'lNJ25=d[_݇Y@H10o5}T_Fs³h}3#f=9 *gE"(Ղ^WzEWXb|[pMZ%U$s:+Zژ<#- (IS]EA (@9c+tR~֓zlEcmxVpD¯\ cn@ӎ*> UINqrƝ'kTS*+%[| ~Vro^銨Nml˸iK}wKp#ktGX3/,(~Q'gXc}e_ Xx]/efٹxk2r`5!ޣ24%YK&^XOWJ X8D}<ф}BsG'̰KŒϊ%GHetr&6PW^A*:9gO"%W?lg? , /E!w;E>qj3'nP HcW6[S'VE+ 7ڍ)2t>2Pv|iHs8rN<)RT_׆v;ϯUѦO8ne?A\f"կ,";7Pny6 zG CPp'nnb͹'K%cTSZ>[>J$: Xro| kNnHd}IL0ܖ ؓiDpr--*\C{U4:S g`*^9I4B} :'C˙*C#H{<'ٞOO(]$׿1$PBq"Cqn#KV,wZ$ɡq4Ƨi7)7'O Ac\1Dzz +u"o?"bӆYJR-;VmعO );ۍ(U^m׬SBQTT^UƤz"Ӷx,-~)6<Wep g.LⲄgz<(x}@pxg&‡_:匹6GH!qm(g"Irt~Y;^z^F^ oS$|F~ձx*-}x%u*BÐLQl1ͼ@dMQ=Z`{?!ͥwXO@ NY(@g8 +AՓ74sچc))*tUwھh8[-7, 7E'Q<\] aMdcX4lBREbxxͺa1Ldc}7ZoD)9Y`fM eˍBvy} 'LoUZ3[1˯W(" †э(\v͇jŶm벦@cǫ¨)ҭ2+j/lrϢV_}~ي{"JM x#`M9!BdÒDKyHȑb4Wqd>*n҂)•}e x 5U(W?Q)E=d|aF^3 <)7Q}Վ_" o}wk\?%q[bgᵓLOn0OCZ_y_aH J["  YO<.$N5.TKfvHCR L̼J>|3*Th'&,D>xCz|Nw6g~Vw|%]pCoȞ_:xtn/@hN/wj *m)`p*hJ ?neeo+Pd~].l!ה(2ثԦ4quMc>}6kڞ̩h.S| 9W幘5)qF\ Z &S4 Җ?܏B ݋!kmߤE.EH;%~rS`d0nH\hm&f v5 HڸC:$ !֛ĐXQצ#D7 WwBS=B=HJɢHlJf˕Bq υ;sḺgF&?{$?Jk׮ʋXv*G)*Lp΢1E/|}Z?RrHr~ oZL^tb_&E“5h@! .%?8bf6#aC.uqgT+/Ŵa3G++鋳7`%k*UB{]2G>ƀƊYA\.tt^ЛA4f;O|vcLU^):%".3A.r+_ 2Q=l/#=.ҶCU値B}su ̞ 3ٽрeP ͆"4m$*8ă`C a[~v *ܶQg_Ƣ']xsOoij)qOa汘|Zʼnkvn,}ş J|Q( 2̞phE1BTb^@7)ݠnJ~?e9 X|2g9; YZ