libpam-sshauth (0.3.1-1+deb8u1) jessie-security; urgency=high
* Non-maintainer upload by the Security Team.
* CVE-2016-4422: local root privilege escalation.
Return PAM_AUTH_ERR when a system user. This prevents the pam module
from returning success without asking for authentication credentials.
Thanks to Vagrant Cascadian <email address hidden>
-- Salvatore Bonaccorso <email address hidden> Wed, 04 May 2016 10:55:45 +0200