cyrus-sasl-2.1.28-150600.7.6.2<>,;hLNp9| Z  6V܉Em+܁Ka'%hn ^Gysإ$)PEQH ;GȀx܈|-W>ԅVL w n&&2^Gp+Ui>E0?/d  ! B' =[\    d    @   t   \  #($8,9x:=">"F"G"H#@I#X#Y#\#]$H^% b&1c&d'_e'df'gl'iu'|v' w.\x.y/ "z/////Ccyrus-sasl2.1.28150600.7.6.2Implementation of Cyrus SASL APIThis is the Cyrus SASL API. It can be used on the client or server side to provide authentication. See RFC 2222 for more information.hLNibs-power9-21_SUSE Linux Enterprise 15SUSE LLC BSD-4-Clausehttps://www.suse.com/Productivity/Networking/Otherhttps://github.com/cyrusimap/cyrus-sasl/linuxppc64le#Convert password file from berkely into gdbm #In %pre the existing file will be dumped out if test -x /usr/bin/db_verify && /usr/bin/db_verify /etc/sasldb2 >/dev/null 2>&1 ; then cat > /var/adm/update-scripts/saslpw.awk < /var/adm/update-scripts/saslpwd rm -f /var/adm/update-scripts/saslpw.awk mv /etc/sasldb2 /etc/sasldb2-back fiif [ -e /var/adm/update-scripts/saslpwd ]; then chmod 755 /var/adm/update-scripts/saslpwd /var/adm/update-scripts/saslpwd rm -f /var/adm/update-scripts/saslpwd fiP((E AAA큤hLNhLNhLNhLNhLNhLNhLNhLNhLNhLNhLNhLNhLNhLNhLNhLNhLNbhLNhLNhLNhLN3d15b14a0a0a443ec9b4ca2522c1be8640072bad132961e058f5df08cd6f9e4026eb35db27a87f1c85f012c438c5e54bbe72c9f0d2dc011bdf1ff17d3e9e4993728264a03257b4180559be0df36e268360e994e1edd8ce97157b035d69481ba8ec784ee4b8dee29b66de576e20ed01b3c17789f6270a95bb4d6e160e9cb679dd2bbf9cc42ee20e720c5bb57f267424a3b9f44e5a0f56007eb6b1e4497cfa8472e8a418cb2af29ad860da34d1e22a6064d31b73bdbae234945ddf516c14024580a56996fcec94f770df83cfb099e8a0ce6e5c177e613df616ab56b475c673e54649706897c1cc616dda8a8db774a036a1370b6d319a3ce960845a78663a6673299d6e5d1632140a6c135b251260953650d17d87cd1124f87aaf72192aa4580d4ba272241a92bcf191b1efaecebbf68a5f004b42dbde6b9f4c812c5e1697679787a4a8e47b028c75818a77fb90b8078fa44183abc0576a05614bc55eecf0f5e919ea80324cf7a1ab202088019bf0fcdc2d0e672aa8be79f85c7bce2a9e2fe5fadabdd7b9a615809aacae452aae239254bf42e7d6ce74c667116167a3480eebf2c6libanonymous.so.3.0.0libanonymous.so.3.0.0liblogin.so.3.0.0liblogin.so.3.0.0libsasldb.so.3.0.0libsasldb.so.3.0.0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootcyrus-sasl-2.1.28-150600.7.6.2.src.rpmcyrus-saslcyrus-sasl(ppc-64)libanonymous.so.3()(64bit)liblogin.so.3()(64bit)libsasldb.so.3()(64bit)@@@@@@@@    /bin/sh/bin/shlibc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.34)(64bit)libc.so.6(GLIBC_2.38)(64bit)libgdbm.so.4()(64bit)libgssapi_krb5.so.2()(64bit)libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit)libsasl2.so.3()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-1cyrus-sasl-bdb4.14.3h-@f@cvc@b(a@a@`7@_I@_j^;]߶\X)@Y@@Xg@XVhT@Tw@scabrero@suse.deangel.yankov@suse.comdmueller@suse.comdimstar@opensuse.orgdmueller@suse.comdmueller@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comscabrero@suse.demichael@stroeder.comvarkoly@suse.comvcizek@suse.commichael@stroeder.comvarkoly@suse.combwiedemann@suse.comvarkoly@suse.comjengelh@inai.de- Add Channel Binding support for GSSAPI/GSS-SPNEGO; (bsc#1229655); (jsc#PED-12097); Add patch 0009-Add-Channel-Binding-support-for-GSSAPI-GSS-SPNEGO.patch - Add support for setting max ssf 0 to GSS-SPNEGO; (bsc#1229655); (jsc#PED-12097); Add patch 0010-Add-support-for-setting-max-ssf-0-to-GSS-SPNEGO.patch- Make DIGEST-MD5 work with openssl3 ( bsc#1230111 ) RC4 is legacy provided since openSSL3 and requires explicit loading, disable openssl3 depricated API warnings. * Add cyrus-sasl-make-digestmd5-work-ssl3.patch- drop optional opie dependency- Do not set directories inside doc/ mode 644; otherwise the directories are set 644 as well, which means no files inside are accessible. This resulted in the past in doc/ actually not being added to the devel package.- update to 2.1.28 (bsc#1196036, CVE-2022-24407): * https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28 - drop cyrus-sasl-bug587.patch (upstream)- cyrus-sasl: prevent fail of %pre when berkely db utils are not installed (seems like we want to use this only for upgrade so no Prereq added) - move license to licensedir - remove use of RPM_BUILD_ROOT - minimal spec cleanups - avoid bashisms- postfix: sasl authentication with password fails (bsc#1194265) Add config parameter --with-dblib=gdbm - Avoid converting of /etc/sasldb2 by every update. Convert /etc/sasldb2 only if it is a Berkeley DB- Fix build: Do not build libsasl2-3 in the bdb package. This will not be linked to berkely db. libsasl2-3 is now defined as %BuildRequires and %Requires- CVE-2020-8032: cyrus-sasl: Local privilege escalation to root due to insecure tmp file usage. (bsc#1180669) Use /var/adm/update-scripts/ instead of /tmp. Clean up temporary files.- Remove Berkeley DB dependency (JIRA#SLE-12190) The packages cyrus-sasl and cyrus-sasl-saslauthd are built without Berkely DB support. gdbm will be used instead of BDB. The packages cyrus-sasl-bdb and cyrus-sasl-saslauthd-bdb are built with Berkely DB support. - Update to 2.1.27 * Added support for OpenSSL 1.1 * Added support for lmdb * Lots of build fixes * Treat SCRAM and DIGEST-MD5 as more secure than PLAIN when selecting client mech * DIGEST-MD5 plugin: Fixed memory leaks Fixed a segfault when looking for non-existent reauth cache Prevent client from going from step 3 back to step 2 Allow cmusaslsecretDIGEST-MD5 property to be disabled * GSSAPI plugin: Added support for retrieving negotiated SSF Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF Properly compute maxbufsize AFTER security layers have been set * SCRAM plugin: Added support for SCRAM-SHA-256 * LOGIN plugin: Don’t prompt client for password until requested by server * NTLM plugin: Fixed crash due to uninitialized HMAC context - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - bsc#983938 `After=syslog.target` left-overs in several unit files - added patches: fix_libpq-fe_include.diff for fixing including libpq-fe.h - removed patches obsoleted by upstream changes: * shared_link_on_ppc.patch * cyrus-sasl-2.1.27-openssl-1.1.0.patch * 0002-Drop-unused-parameter-from-gssapi_spnego_ssf.patch * 0003-Check-return-error-from-gss_wrap_size_limit.patch * 0004-Add-support-for-retrieving-the-mech_ssf.patch * 0001-Fix-GSS-SPNEGO-mechanism-s-incompatible-behavior.patch * cyrus-sasl-fix-logging-in-gssapi.patch- Added support for retrieving negotiated SSF in gssapi plugin (bsc#1162518) * Add 0002-Drop-unused-parameter-from-gssapi_spnego_ssf.patch * Add 0003-Check-return-error-from-gss_wrap_size_limit.patch * Add 0004-Add-support-for-retrieving-the-mech_ssf.patch - Fixed GSS-SPNEGO to use flags negotiated by GSSAPI for SSF (bsc#1162518) * Add 0001-Fix-GSS-SPNEGO-mechanism-s-incompatible-behavior.patch- added backport-patch cyrus-sasl-bug587.patch which fixes off-by-one error in _sasl_add_string function (see CVE-2019-19906 bsc#1159635)- bnc#1044840 syslog is polluted with messages "GSSAPI client step 1" By server context the connection will be sent to the log function. Client content does not have log level information. I.e. there is no way to stop DEBUG level logs nece I've removed it. * add cyrus-sasl-fix-logging-in-gssapi.patch- OpenSSL 1.1 support (bsc#1055463) * add cyrus-sasl-2.1.27-openssl-1.1.0.patch from Fedora- added cyrus-sasl-issue-402.patch to fix SASL GSSAPI mechanism acceptor wrongly returns zero maxbufsize #402 (see https://github.com/cyrusimap/cyrus-sasl/issues/402)- bnc#1026825 saslauthd: :set_auth_mech : unknown authentication mechanism: kerberos5- really use SASLAUTHD_PARAMS variable (bnc#938657)- bnc#908883 cyrus-sasl-scram refers to wrong RFC- Make sure /usr/sbin/rcsaslauthd exists/bin/sh/bin/shibs-power9-21 1749831421 2.1.28-150600.7.6.22.1.28-150600.7.6.2sasl2cyrus_sasl_sample_clientcyrus_sasl_sample_serversasl2libanonymous.solibanonymous.so.3libanonymous.so.3.0.0liblogin.soliblogin.so.3liblogin.so.3.0.0libsasldb.solibsasldb.so.3libsasldb.so.3.0.0pluginviewersasldblistusers2saslpasswd2cyrus-saslCOPYINGsasl.3.gzpluginviewer.8.gzsasldblistusers2.8.gzsaslpasswd2.8.gz/etc//usr/bin//usr/lib64//usr/lib64/sasl2//usr/sbin//usr/share/licenses//usr/share/licenses/cyrus-sasl//usr/share/man/man3//usr/share/man/man8/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:39256/SUSE_SLE-15-SP6_Update/5bf6c7f2c74b01cf63cce24aeb34cebd-cyrus-sasl.SUSE_SLE-15-SP6_Updatedrpmxz5ppc64le-suse-linux directoryELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=8bf18f77d326d4277ce2aad41fe5096822b911dd, for GNU/Linux 4.3.0, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=e1e8f0ac65abb4154fd37272cb4614075b2c8121, for GNU/Linux 4.3.0, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=a53e06f1343331c041f493c0e6233d42144c3b66, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=e8d2838186d04b74f03c7665c273b4ceebbb14d0, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=f88a91c8c4a30a3dc4b85b1e40ef86dc9cb621d6, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=c878af2b3d7b1be5a1d2a0cc5178d19d6851f4b5, for GNU/Linux 4.3.0, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=6fbff7d09af61336f293f1430a4f38c5a9e4c9a3, for GNU/Linux 4.3.0, strippedELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, interpreter /lib64/ld64.so.2, BuildID[sha1]=81a99f689b00ce8334ed9954e3d65ddefcec5d27, for GNU/Linux 4.3.0, strippedASCII texttroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix) RRR RRRRR RRPRRPRRPRRRRRRR RRRR RRRRR R>ӓblutf-8bd1d4307474cef024e485fd8353a70a1e54da63aaa34d2b45507bb02bd1d256b?7zXZ !t/X]"k%|[,Zz@u-pydJ>,S(ĪlZkGqH%_!^|+"3-;~ӾHGne4޸vxPRD٘sڃWR"OAiڤG< ߝזS9,MU0A@DҠمt}#u8މH8bU9'(e,xdxn~{[=f pk}}tILdIjkeO[hBK%3w6L8K"u% w+ByXn&׎sqT =_h1p0QrɆR"k=_EjSRJ!1CEͶSBq٦ln_ѷ[Gݽ<؅ 2G_+qkʕZcn (vh"?&NGt .Bpϩ^t /%[U<8xl`X18X|̍+<1m[ar epd+̓o▁qZ@fDrG;7?J;R ݿE6hzr5^ፎ?jwˠhR6W:¨UnW)\mP8Ů]6;.ǙJb×l!A~,$\rz2UQF63inb)ʜ }Ȅ 0Q>,oZFRySJY<Źq*c/~59(;b$+zS)SX|}&$$IHr=o}zz M+X:p !#&ʚ6rl0b|@:|Ť*)U1`#@Bc#XYr2?O@ Ig2qZY"QI4xK)7 m}ŏ|j0Cw{J Ü`1+|pU 0ͫ-2=i{x"-Wi<f+RȎE {rcKQb@ 28(̀Q'&Aa1B#echѲ5 2HstOp`jOJD9wj3 ZI>".y2@򠅴f<kF/B0qTPlcZ`xU^25 '%<4Yð԰^Hzqsp] li-!dei_=' Mډ&kj`v*roY^zyVX2S}鳲P<EAt"%:^-GǺ喨s*r8}I#c8RSA"hgȤ3n Qh"씬,>{r<%t=,s^rd{N" $qznOKEӨ fѾYu`&99ϗrY13WmoD1rncx,i+B0T&Ic"v*FKy.I@s2+4H(7 xeU[A; u} ) YZ