Ubuntu

“libgssglue” 0.1-4ubuntu0.1 source package in Ubuntu

Changelog

libgssglue (0.1-4ubuntu0.1) lucid-security; urgency=low

  * SECURITY UPDATE: Privilege escalation via malicious environment variable
    - debian/patches/07-CVE_2011_2709.patch: Only read the GSSAPI_MECH_CONF
      environment variable in non-setuid situations. Based on upstream patch.
    - CVE-2011-2709
 -- Tyler Hicks <email address hidden>   Thu, 27 Sep 2012 21:13:08 -0700

Upload details

Uploaded by:
Tyler Hicks on 2012-09-28
Uploaded to:
Lucid
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
libs
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Lucid updates on 2012-10-15 main libs
Lucid security on 2012-10-15 main libs

Downloads

File Size MD5 Checksum
libgssglue_0.1.orig.tar.gz 343.3 KiB ce1b4c758e6de01b712d154c5c97e540
libgssglue_0.1-4ubuntu0.1.diff.gz 5.4 KiB 5adf94fdc31929f443c49e502b93fa0e
libgssglue_0.1-4ubuntu0.1.dsc 1.8 KiB 29ea788a19efa10f0e6a7cdf9f8a8308

Binary packages built by this source

libgssglue-dev: header files and docs for libgssglue

 Contains the header files and documentation for libgssglue
 for use in developing applications that use the libgssglue library.
 .
 libgssglue provides a gssapi interface, but does not implement any
 gssapi mechanisms itself; instead it calls other gssapi functions
 (e.g., those provided by MIT Kerberos), depending on the requested
 mechanism, to do the work.

libgssglue1: mechanism-switch gssapi library

 libgssglue provides a gssapi interface, but does not implement any
 gssapi mechanisms itself; instead it calls other gssapi functions
 (e.g., those provided by MIT Kerberos), depending on the requested
 mechanism, to do the work.