From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 92466 invoked by alias); 9 Jan 2020 15:50:43 -0000 Mailing-List: contact cygwin-announce-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-announce-owner@cygwin.com Reply-To: The Cygwin Mailing List Mail-Followup-To: cygwin-announce@cygwin.com Return-Path: Received: (qmail 53504 invoked by uid 89); 9 Jan 2020 02:35:21 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-5.7 required=5.0 tests=AWL,BAYES_00,GIT_PATCH_2,KAM_NUMSUBJECT,RCVD_IN_DNSWL_LOW,SPF_SOFTFAIL autolearn=ham version=3.3.1 spammy=protocols, DESCRIPTION, H*r:sk:mail.da, HTo:U*cygwin-announce X-HELO: resqmta-po-05v.sys.comcast.net DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcastmailservice.net; s=20180828_2048; t=1578537315; bh=GHAaigTAbT26RHuO68EBnvh3vptYXVl+FGbutheD2Vo=; h=Received:Received:Received:To:From:Subject:Message-ID:Date: MIME-Version:Content-Type; b=EWRe5b7WDtKXu5E7okiyGeyY9wyVRjeWS+fl6Qwk4ZapQUyOwqB7s61//rza+z+2O cwhBFvo8XTOZC+G34o0B/wEP1YWEkU0GZZcpj3k+rJeHA6O/NqIJbQDOTVwX5LUZLe uLFACQvV1ay5ZAc0LOwhUAjz5iysVuOpcg5FI/gh6hZtYBcbs8XUCWfY5JNJeurHDb O8CqfZOoxbc/2Z6tOAXEq5bj1wKOZj0ZfpL6HclTex+8+T3JOPqb18/o7pITTrunq3 T7gpm48M/WjlrbKFDaDzcp+1CfRHkSdTtsbdNFkTRB5ijHBjb+qcP9cgM9W5B/p02/ LvD5h/G1ecvHQ== X-Xfinity-VAAS: gggruggvucftvghtrhhoucdtuddrgedufedrvdehledggeejucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuvehomhgtrghsthdqtfgvshhipdfqfgfvpdfpqffurfetoffkrfenuceurghilhhouhhtmecufedttdenucenucfjughrpefvhffukffffgggtgfgsehtjeertddtfeehnecuhfhrohhmpeffrghvihguucftohhthhgvnhgsvghrghgvrhcuoegurghvvghrohhthhesrggtmhdrohhrgheqnecuffhomhgrihhnpegthihruhhsihhmrghprdhorhhgnecukfhppeejfedrgedvrddujedtrddvgeenucfrrghrrghmpehhvghlohepmhgrihhlrdgurghvvghrohhthhdrugihnhgunhhsrdhorhhgpdhinhgvthepjeefrdegvddrudejtddrvdegpdhmrghilhhfrhhomhepuggrvhgvrhhothhhsegrtghmrdhorhhgpdhrtghpthhtoheptgihghifihhnqdgrnhhnohhunhgtvgestgihghifihhnrdgtohhmnecuvehluhhsthgvrhfuihiivgeptd X-Xfinity-VMeta: sc=0.00;st=legit To: cygwin-announce@cygwin.com From: David Rothenberger Subject: Updated: cyrus-sasl-2.1.27-1 Message-ID: Date: Thu, 09 Jan 2020 15:50:00 -0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Firefox/68.0 Thunderbird/68.3.1 MIME-Version: 1.0 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-SW-Source: 2020-01/txt/msg00006.txt.bz2 A new release of cyrus-sasl and related packages is available. SECURITY: ========= This release includes a patch for CVE-2019-19906: Off-by-one in _sasl_add_string function. DESCRIPTION: ============ SASL is the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. To use SASL, a protocol includes a command for identifying and authenticating a user to a server and for optionally negotiating protection of subsequent protocol interactions. If its use is negotiated, a security layer is inserted between the protocol and the connection. See http://cyrusimap.org/ for more information. QUESTIONS: ========== If you want to make a point or ask a question the Cygwin mailing list is the appropriate place. -- David Rothenberger ---- daveroth@acm.org