Product SiteDocumentation Site

1.33.  cyrus-sasl

1.33.1.  RHBA-2009:1330: bug fix update

Updated cyrus-sasl packages that fix various bugs are now available.
The cyrus-sasl packages contain the Cyrus implementation of SASL. SASL is the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols.
This errata fixes the following bugs:
  • the shadow authentication method was not working properly on 64 bit architectures. The saslauthd might randomly crash if it was configured to authenticate against the shadow file. (BZ#433583)
  • the rimap authentication method was not working properly when user passwords contain double quote characters. The saslauthd process would hang when it was configured to authenticate with the rimap method and user password contained such characters. (BZ#438533)
  • the saslauthd init script did not support a reload command although it was mentioned in the init script usage instructions. The reload is now implemented as a conditional restart of the saslauthd daemon. (BZ#448154)
  • the pluginviewer command did not display plugins which were not statically linked into it. The pluginviewer command is now linked dynamically so it can display any cyrus-sasl plugins which are installed on the system. (BZ#473197)
  • the ldap authentication method had very long timeout for network failure detection. The saslauthd now sets a network failure timeout based on the ldap_timeout configuration option. (BZ#475726)
All Cyrus users are advised to install this updated package, which addresses these issues.

Note: This documentation is provided {and copyrighted} by Red Hat®, Inc. and is released via the Open Publication License. The copyright holder has added the further requirement that Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. The CentOS project redistributes these original works (in their unmodified form) as a reference for CentOS-5 because CentOS-5 is built from publicly available, open source SRPMS. The documentation is unmodified to be compliant with upstream distribution policy. Neither CentOS-5 nor the CentOS Project are in any way affiliated with or sponsored by Red Hat®, Inc.