-
libpam-heimdal (3.15-2.1) unstable; urgency=low
* Non-maintainer upload.
* Integrate with pam-auth-update (code taken from libpam-krb5) (Closes:
#551455)
* Rebuilt against newer libheimdal-dev (Closes: #559779)
-- Guido Günther <email address hidden> Thu, 17 Dec 2009 11:11:29 +0100
-
libpam-heimdal (3.15-2) unstable; urgency=low
* Wrong distribution upload.
-- Matthijs Mohlmann <email address hidden> Wed, 05 Aug 2009 07:22:37 +0200
-
libpam-heimdal (3.15-1) testing-security; urgency=low
* Acknowledge NMU.
* New upstream (Closes: #516695) (Fixing CVE-2009-0360 and CVE-2009-0361)
* Bump Standards-Version to 3.8.2
* Convert patches for possible switch to new source format (Closes: #485250)
-- Matthijs Mohlmann <email address hidden> Tue, 04 Aug 2009 21:16:13 +0200
-
libpam-heimdal (3.10-2.1) testing-security; urgency=high
* Non-maintainer security upload.
* SECURITY (CVE-2009-0361): Protect against applications calling
pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context.
This API call is designed to reinitialize an existing Kerberos ticket
cache and therefore trusts the KRB5CCNAME environment variable, but in
a setuid context, this may allow overwriting arbitrary files.
-- Russ Allbery <email address hidden> Mon, 09 Feb 2009 15:32:19 -0800
-
libpam-heimdal (3.10-2) unstable; urgency=low
* Rebuild to have the correct heimdal libraries with symbol versioning.
(Closes: #481955)
* Bump Standards-Version to 3.8.0
-- Matthijs Mohlmann <email address hidden> Thu, 31 Jul 2008 12:31:03 +0200