Change logs for libpam-heimdal source package in Lenny
-
libpam-heimdal (3.10-2.1) testing-security; urgency=high * Non-maintainer security upload. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. -- Russ Allbery <email address hidden> Mon, 09 Feb 2009 15:32:19 -0800
-
libpam-heimdal (3.10-2) unstable; urgency=low * Rebuild to have the correct heimdal libraries with symbol versioning. (Closes: #481955) * Bump Standards-Version to 3.8.0 -- Matthijs Mohlmann <email address hidden> Thu, 31 Jul 2008 12:31:03 +0200