[SECURITY] Fedora EPEL 6 Update: php-pear-Auth-SASL-1.0.6-1.el6

updates at fedoraproject.org updates at fedoraproject.org
Mon Sep 29 16:27:01 UTC 2014 

--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-2650
2014-09-12 18:15:56
--------------------------------------------------------------------------------

Name        : php-pear-Auth-SASL
Product     : Fedora EPEL 6
Version     : 1.0.6
Release     : 1.el6
URL         : http://pear.php.net/package/Auth_SASL
Summary     : Abstraction of various SASL mechanism responses
Description :
Provides code to generate responses to common SASL mechanisms, including:
o Digest-MD5
o CramMD5
o Plain
o Anonymous
o Login (Pseudo mechanism)

--------------------------------------------------------------------------------
Update Information:

Update to epel7 parity for feature and security enhancements.
php-pear-Auth-SASL-1.0.6-1.el6 to support roundcubemail update.

It's not a completely unattended install.  It used to work fine without a config.inc.pnp file, but now it requires one.
With version 1.0 of Roundcube, the structure of the config files changed. The previously used main.inc.php and db.inc.php files are now replaced with one single config.inc.php file which only contains the config options that differ from the defaults. This shall make future updates even simpler. Both, the command line update script as well as the installer will take care of the migration. Just note that from now on, the (one and only) config file for Roundcube is config.inc.php. Running /usr/share/roundcubemail/bin/update.sh seems to work.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1091445 - CVE-2012-4230 roundcubemail: tinymce: XSS attacks via security policy bypass [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=1091445
--------------------------------------------------------------------------------

This update can be installed with the "yum" update programs.  Use
su -c 'yum update php-pear-Auth-SASL' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora EPEL GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the epel-package-announce mailing list