Updated: cyrus-sasl-2.1.27-1

David Rothenberger daveroth@acm.org
Thu Jan 9 15:50:00 GMT 2020

A new release of cyrus-sasl and related packages is available.

This release includes a patch for CVE-2019-19906: Off-by-one in
_sasl_add_string function.

SASL is the Simple Authentication and Security Layer, a method for
adding authentication support to connection-based protocols. To use
SASL, a protocol includes a command for identifying and
authenticating a user to a server and for optionally negotiating
protection of subsequent protocol interactions. If its use is
negotiated, a security layer is inserted between the protocol and
the connection.

See http://cyrusimap.org/ for more information.

If you want to make a point or ask a question the Cygwin mailing list is
the appropriate place.

David Rothenberger  ----  daveroth@acm.org

More information about the Cygwin-announce mailing list