Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock

Please unblock package cyrus-imapd-2.4

It has been discovered that we are distributing an incomplete patch,
which normalizes all usernames in the authentication even when the
normalization is not enabled.  This basically disallows users with
CamelCase account names to log into the mail server.  I would classify
this bug as important/normal since the fraction of users with
CamelCaseAccountNames is (hopefully) very low, but I might be mistaken
and it might hit a quite large userbase.  So I guess it's better to be
safe than sorry.

The other part of this patch is purely cosmetic; it just removes
mentions of DRAC (pop-before-smtp) which has been disabled some time
ago, but I already got one report about the confusion this creates.

Thanks.

$ diffstat cyrus-imapd-2.4_2.4.16-4.debdiff
 changelog                                                      |    8 +++++++
 control                                                        |    5 ----
 imapd.conf                                                     |    7 ------
 patches/cyrus-imapd-2.4.2-903-normalize-authorization-id.patch |   11 ++++++++++
 4 files changed, 19 insertions(+), 12 deletions(-)

unblock cyrus-imapd-2.4/2.4.16-4

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru cyrus-imapd-2.4-2.4.16/debian/changelog cyrus-imapd-2.4-2.4.16/debian/changelog
--- cyrus-imapd-2.4-2.4.16/debian/changelog	2013-02-26 12:37:22.000000000 +0100
+++ cyrus-imapd-2.4-2.4.16/debian/changelog	2013-03-13 11:47:43.000000000 +0100
@@ -1,3 +1,11 @@
+cyrus-imapd-2.4 (2.4.16-4) unstable; urgency=low
+
+  * Update normalize patch to correctly set the normalize option in the
+    global library (Closes: #702941)
+  * Remove disabled DRAC from description
+
+ -- Ondřej Surý <ond...@debian.org>  Wed, 13 Mar 2013 11:12:57 +0100
+
 cyrus-imapd-2.4 (2.4.16-3) unstable; urgency=low
 
   * Use find -H instead of plain find to fix the permissions inside the
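
Review bot: The first bullet of the 2.4.16-4 entry describes the fix only in internal terms ("correctly set the normalize option in the global library"); add the admin-visible effect, namely that usernames were being normalized during authentication even when normalization was not enabled, so someone reading the changelog can tell whether their mixed-case accounts were affected.
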
diff -Nru cyrus-imapd-2.4-2.4.16/debian/control cyrus-imapd-2.4-2.4.16/debian/control
--- cyrus-imapd-2.4-2.4.16/debian/control	2013-02-26 12:37:22.000000000 +0100
+++ cyrus-imapd-2.4-2.4.16/debian/control	2013-03-13 11:47:43.000000000 +0100
@@ -52,7 +52,6 @@
  including support for:
   - running the daemon without root privileges;
   - POP3 and NNTP in addition to plain IMAP;
-  - POP/IMAP-before-SMTP using DRAC;
   - secure IMAP using SSL;
   - server-side filtering with Sieve;
   - mail users without login accounts;
@@ -83,7 +82,6 @@
  including support for:
   - running the daemon without root privileges;
   - POP3 and NNTP in addition to plain IMAP;
-  - POP/IMAP-before-SMTP using DRAC;
   - secure IMAP using SSL;
   - server-side filtering with Sieve;
   - mail users without login accounts;
@@ -109,7 +107,6 @@
  including support for:
   - running the daemon without root privileges;
   - POP3 and NNTP in addition to plain IMAP;
-  - POP/IMAP-before-SMTP using DRAC;
   - secure IMAP using SSL;
   - server-side filtering with Sieve;
   - mail users without login accounts;
@@ -135,7 +132,6 @@
  including support for:
   - running the daemon without root privileges;
   - POP3 and NNTP in addition to plain IMAP;
-  - POP/IMAP-before-SMTP using DRAC;
   - secure IMAP using SSL;
   - server-side filtering with Sieve;
   - mail users without login accounts;
@@ -248,7 +244,6 @@
  including support for:
   - running the daemon without root privileges;
   - POP3 and NNTP in addition to plain IMAP;
-  - POP/IMAP-before-SMTP using DRAC;
   - secure IMAP using SSL;
   - server-side filtering with Sieve;
   - mail users without login accounts;
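
Review bot: Only seven lines of each package description are visible in these five debian/control hunks, so a grep for "DRAC" over the rest of the file would confirm that no other mention is left behind; the removed line itself is the same "- POP/IMAP-before-SMTP using DRAC;" bullet in every stanza.
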
diff -Nru cyrus-imapd-2.4-2.4.16/debian/imapd.conf cyrus-imapd-2.4-2.4.16/debian/imapd.conf
--- cyrus-imapd-2.4-2.4.16/debian/imapd.conf	2013-02-26 12:37:22.000000000 +0100
+++ cyrus-imapd-2.4-2.4.16/debian/imapd.conf	2013-03-13 11:47:43.000000000 +0100
@@ -116,13 +116,6 @@
 # specified in the script.  Valid methods are null, log, zephyr, mailto
 #sievenotifier: zephyr
 
-# DRAC (pop-before-smtp, imap-before-smtp) support
-# Set dracinterval to the time in minutes to call DRAC while a user is
-# connected to the imap/pop services. Set to 0 to disable DRAC (default)
-# Set drachost to the host where the rpc drac service is running
-#dracinterval: 0
-#drachost: localhost
-
 # If enabled, the partitions will also be hashed, in addition to the hashing
 # done on configuration directories. This is recommended if one partition has a
 # very bushy mailbox tree.
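
Review bot: The changelog bullet for this upload says DRAC is removed "from description", but this hunk removes the commented-out dracinterval and drachost settings and their explanation from debian/imapd.conf, which is the shipped configuration template, not a description; name imapd.conf in the changelog entry so the change to the default config is recorded.
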
diff -Nru cyrus-imapd-2.4-2.4.16/debian/patches/cyrus-imapd-2.4.2-903-normalize-authorization-id.patch cyrus-imapd-2.4-2.4.16/debian/patches/cyrus-imapd-2.4.2-903-normalize-authorization-id.patch
--- cyrus-imapd-2.4-2.4.16/debian/patches/cyrus-imapd-2.4.2-903-normalize-authorization-id.patch	2013-02-26 12:37:22.000000000 +0100
+++ cyrus-imapd-2.4-2.4.16/debian/patches/cyrus-imapd-2.4.2-903-normalize-authorization-id.patch	2013-03-13 11:47:43.000000000 +0100
@@ -15,6 +15,17 @@
  lib/libcyr_cfg.h |    2 ++
  4 files changed, 29 insertions(+), 0 deletions(-)
 
+--- a/imap/global.c
++++ b/imap/global.c
+@@ -224,6 +224,8 @@ int cyrus_init(const char *alt_config, c
+ 				  config_getswitch(IMAPOPT_UNIX_GROUP_ENABLE));
+ 	libcyrus_config_setswitch(CYRUSOPT_USERNAME_TOLOWER,
+ 				  config_getswitch(IMAPOPT_USERNAME_TOLOWER));
++	libcyrus_config_setswitch(CYRUSOPT_NORMALIZEUID,
++				  config_getswitch(IMAPOPT_NORMALIZEUID));
+ 	libcyrus_config_setswitch(CYRUSOPT_SKIPLIST_UNSAFE,
+ 				  config_getswitch(IMAPOPT_SKIPLIST_UNSAFE));
+ 	libcyrus_config_setstring(CYRUSOPT_TEMP_PATH,
 --- a/lib/auth_unix.c
 +++ b/lib/auth_unix.c
 @@ -156,10 +156,12 @@ const char *identifier;
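
Review bot: The embedded patch header directly above the new imap/global.c section still reads "4 files changed, 29 insertions(+), 0 deletions(-)", although this hunk adds two more inserted lines in imap/global.c; refresh that diffstat or drop it so the header matches the patch. Since the added libcyrus_config_setswitch(CYRUSOPT_NORMALIZEUID, ...) call is what makes the library follow IMAPOPT_NORMALIZEUID, a sentence in the patch description saying so, plus a login check with a mixed-case account name and the option off, would document the regression this closes.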
