ALSA-2022:0658

[ALSA-2022:0658] Important: cyrus-sasl security update

Type:

security

Severity:

important

Release date:

2022-02-23

Description:

The cyrus-sasl packages contain the Cyrus implementation of Simple Authentication and Security Layer (SASL). SASL is a method for adding authentication support to connection-based protocols.

Security Fix(es):

* cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands (CVE-2022-24407)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	cyrus-sasl-ldap-2.1.27-6.el8_5.aarch64.rpm	1edf76aa97feccccab346a72af06bf36032a48a1c284ab9e4b53dba4cc5df7bb
aarch64	cyrus-sasl-plain-2.1.27-6.el8_5.aarch64.rpm	301593b7c5a595829571d10f534ebce7a9191e85766e7657ff887720f0ad9974
aarch64	cyrus-sasl-scram-2.1.27-6.el8_5.aarch64.rpm	34e866e44780b3e07a153e1cb6942a632e92e32724e0bee07b64e78ade7d3b0d
aarch64	cyrus-sasl-gs2-2.1.27-6.el8_5.aarch64.rpm	35158ccf950adb41fda433c87119a8f7fbb283c886a82b67592d707337e39340
aarch64	cyrus-sasl-devel-2.1.27-6.el8_5.aarch64.rpm	69a883daf5ecdb923cfdc069c593d866f78b1103cc4ff7eb99c9e8d8cb3c0199
aarch64	cyrus-sasl-md5-2.1.27-6.el8_5.aarch64.rpm	6afd746f95714787666368b6cd278f2634707731e4ccd48dcf21fdf55b1e0f2a
aarch64	cyrus-sasl-2.1.27-6.el8_5.aarch64.rpm	8852a090447539e12930cce9e4ac48329100bb9f605bad7d130da74743c8e385
aarch64	cyrus-sasl-ntlm-2.1.27-6.el8_5.aarch64.rpm	9ee4e16f02686d1f4c031a2b85cadbd28389d50f7a445bd84ea4f6ff4285c010
aarch64	cyrus-sasl-sql-2.1.27-6.el8_5.aarch64.rpm	ef96b38eb9668fbcfe6980749df19716c19e49328a869f937c39848f374f5deb
aarch64	cyrus-sasl-lib-2.1.27-6.el8_5.aarch64.rpm	f75d1b8631a9271be94a1d7cbdae9def711995cb5331aa7de223cf7473a0bb2d
aarch64	cyrus-sasl-gssapi-2.1.27-6.el8_5.aarch64.rpm	fc984cf8d5e8834d9d6072ae0136448fb7a7d051a0f1c560c3d842fa32675da4
i686	cyrus-sasl-sql-2.1.27-6.el8_5.i686.rpm	f018d43b0da36ce3ace9c49e6d462913d96f97bd246931de3c9728ea5462dba6
ppc64le	cyrus-sasl-devel-2.1.27-6.el8_5.ppc64le.rpm	04df1ab57d6f12e0cd799706d4f9bb2c496fcf2d381c96a56828a493b588fc97
ppc64le	cyrus-sasl-ntlm-2.1.27-6.el8_5.ppc64le.rpm	1994517ff956be3b78ece14747169d7d004b966824d904b1507dc81581c9e042
ppc64le	cyrus-sasl-scram-2.1.27-6.el8_5.ppc64le.rpm	2c29c2acac49761ebf4fdd6239d9f5928edd6f7d5b02f492e6cab5d0b6fc784e
ppc64le	cyrus-sasl-ldap-2.1.27-6.el8_5.ppc64le.rpm	39d6581cf53555a8ea03c83cdc3298e836ba37790c4269db40bb88e8c279d771
ppc64le	cyrus-sasl-sql-2.1.27-6.el8_5.ppc64le.rpm	6875d890d005c034c750122c1c29defa6b9e7e6802a05668905ea089870a2b94
ppc64le	cyrus-sasl-gssapi-2.1.27-6.el8_5.ppc64le.rpm	84d61814c1cad911dce008b6f2c4007df127c89e983921fdce409a6f86ab95d8
ppc64le	cyrus-sasl-plain-2.1.27-6.el8_5.ppc64le.rpm	a1939dea5c1e9119b0309518350ad2f99b9b3abfcaf5e9d17a027e54765bdb21
ppc64le	cyrus-sasl-gs2-2.1.27-6.el8_5.ppc64le.rpm	b8dec4ccaa33dac8143bfd0f6cea213b21298c630f5f456ba4c2b0acccef64ad
ppc64le	cyrus-sasl-lib-2.1.27-6.el8_5.ppc64le.rpm	c3f661fb1cfebfb77aebf1517724313f313a04af462c96aad5502549cf4e0652
ppc64le	cyrus-sasl-md5-2.1.27-6.el8_5.ppc64le.rpm	ce4f0bb5d86d40a4111ab4b8cf685e03b8fa14447f584b9833e7675985fe3210
ppc64le	cyrus-sasl-2.1.27-6.el8_5.ppc64le.rpm	e169601897269c1bee0b5a272bd3c65d1e1ee2012f99966fac69c69029db947f
x86_64	cyrus-sasl-2.1.27-6.el8_5.x86_64.rpm	0b63f06ed73f50e0a317af4b0bb4277f89548226a6d6ba863b13edf1e8ef648d
x86_64	cyrus-sasl-md5-2.1.27-6.el8_5.x86_64.rpm	1e265796005e36238b3361f38e8e89ee4ca9422926bd12c0cf1d9e8ba104a461
x86_64	cyrus-sasl-sql-2.1.27-6.el8_5.x86_64.rpm	6acfccfb633dd8771f039212d721f6a9da1bc5f47325b069c69bf302c1ed398e
x86_64	cyrus-sasl-scram-2.1.27-6.el8_5.x86_64.rpm	8396428fec591adb81b033a80a9ddc9d3719b6493b628a288715c9dc06a437e7
x86_64	cyrus-sasl-devel-2.1.27-6.el8_5.x86_64.rpm	86a1f191f0fabb175cdc7b1d5ea14bdf2c01a11d23e1946e80560891ac3547db
x86_64	cyrus-sasl-gs2-2.1.27-6.el8_5.x86_64.rpm	9cfc71ea081a5022012fb03fe669f865f85a5ec32eaeffbad7fdfac56fb521a9
x86_64	cyrus-sasl-plain-2.1.27-6.el8_5.x86_64.rpm	9f4fbcc5642b65ff90e0c28264e5d08f92936c14b5e9f6a56a72f9e6f3534bc1
x86_64	cyrus-sasl-gssapi-2.1.27-6.el8_5.x86_64.rpm	a625094458d3a1d52a995e2a9e3d9f3137f3c0ddf60e289e30533cb5ba5f06fa
x86_64	cyrus-sasl-ntlm-2.1.27-6.el8_5.x86_64.rpm	a77e9111a51c96f1a269cf8dcb05bda2637a115af831bcf02ce4f6b13d9cc5f3
x86_64	cyrus-sasl-lib-2.1.27-6.el8_5.x86_64.rpm	ce6fa21ff215a3e18b864d101d2ba4f36bef4dfbf747253c20039a433dc1591c
x86_64	cyrus-sasl-ldap-2.1.27-6.el8_5.x86_64.rpm	cf71d347b5981533ece4b15b99c51a0cc9457851cb3f03a534a14ba3799250f5

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.