libpam-heimdal 3.10-2.1 source package in Debian
Changelog
libpam-heimdal (3.10-2.1) testing-security; urgency=high
* Non-maintainer security upload.
* SECURITY (CVE-2009-0361): Protect against applications calling
pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context.
This API call is designed to reinitialize an existing Kerberos ticket
cache and therefore trusts the KRB5CCNAME environment variable, but in
a setuid context, this may allow overwriting arbitrary files.
-- Russ Allbery <email address hidden> Mon, 09 Feb 2009 15:32:19 -0800
Upload details
- Uploaded by:
- Matthijs Mohlmann
- Uploaded to:
- Sid
- Original maintainer:
- Matthijs Mohlmann
- Architectures:
- any
- Section:
- net
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Lenny | release | main | net |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libpam-heimdal_3.10-2.1.dsc | 1.1 KiB | d2f9821c5e23b8ecce4ab82f2d6e1bb5d9e39f9a3feac6060b77a55ac8be5ed3 |
| libpam-heimdal_3.10.orig.tar.gz | 152.6 KiB | e1760284417a8a4b4ffe0889bffc8cf05869d5ead680d50931e714a1a97a86db |
| libpam-heimdal_3.10-2.1.diff.gz | 8.2 KiB | fcf2da51970a6c504b2eaed9d10d45670748d2cbebeca25a26527a624be1c75d |
No changes file available.
