libpam-radius-auth 1.3.17-0ubuntu4.1 source package in Ubuntu
Changelog
libpam-radius-auth (1.3.17-0ubuntu4.1) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via stack overflow in password field
- debian/patches/CVE-2015-9542-1.patch: use length, which has been
limited in size in src/pam_radius_auth.c.
- debian/patches/CVE-2015-9542-2.patch: clear out trailing part of the
buffer in src/pam_radius_auth.c.
- debian/patches/CVE-2015-9542-3.patch: copy password to buffer before
rounding length in src/pam_radius_auth.c.
- debian/rules: added new patches.
- CVE-2015-9542
-- Marc Deslauriers <email address hidden> Wed, 19 Feb 2020 07:53:50 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Xenial | updates | main | libs | |
| Xenial | security | main | libs |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libpam-radius-auth_1.3.17.orig.tar.gz | 30.6 KiB | 60ee863cbea797be46eff8b9d568af057c6e54335bdb19a6bd2cadde389d7dca |
| libpam-radius-auth_1.3.17-0ubuntu4.1.diff.gz | 12.0 KiB | f8fdb34f16b09f7f1f76bf9ed4be437a8cd414076bc5aa6e4a9843000e752104 |
| libpam-radius-auth_1.3.17-0ubuntu4.1.dsc | 1.8 KiB | 7a80a052ff85b9d1fc474176327c12129a2d5ed0de41cd91ecd7db1b98c1aac4 |
Available diffs
Binary packages built by this source
- libpam-radius-auth: The PAM RADIUS authentication module
This is the PAM to RADIUS authentication module. It allows any PAM-capable
machine to become a RADIUS client for authentication and accounting
requests. You will, however, need to supply your own RADIUS server to
perform the actual authentication
- libpam-radius-auth-dbgsym: debug symbols for package libpam-radius-auth
This is the PAM to RADIUS authentication module. It allows any PAM-capable
machine to become a RADIUS client for authentication and accounting
requests. You will, however, need to supply your own RADIUS server to
perform the actual authentication
