Ubuntu

“libgssglue” 0.3-1ubuntu1.1 source package in Ubuntu

Changelog

libgssglue (0.3-1ubuntu1.1) oneiric-security; urgency=low

  * SECURITY UPDATE: Privilege escalation via malicious environment variable
    - debian/patches/07-CVE_2011_2709.patch: Only read the GSSAPI_MECH_CONF
      environment variable in non-setuid situations. Based on upstream patch.
    - CVE-2011-2709
 -- Tyler Hicks <email address hidden>   Thu, 27 Sep 2012 21:13:08 -0700

Upload details

Uploaded by:
Tyler Hicks on 2012-09-28
Uploaded to:
Oneiric
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
libs
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Oneiric updates on 2012-10-15 main libs
Oneiric security on 2012-10-15 main libs

Downloads

File Size MD5 Checksum
libgssglue_0.3.orig.tar.bz2 252.7 KiB 99c660cfc85e3b5209300a5b057d4f13
libgssglue_0.3-1ubuntu1.1.debian.tar.bz2 7.8 KiB 86b63108623330701a155624b2e3d525
libgssglue_0.3-1ubuntu1.1.dsc 1.8 KiB e0a02663913d0cd586cc98e02e2592fa

Binary packages built by this source

libgssglue-dev: header files and docs for libgssglue

 Contains the header files and documentation for libgssglue
 for use in developing applications that use the libgssglue library.
 .
 libgssglue provides a gssapi interface, but does not implement any
 gssapi mechanisms itself; instead it calls other gssapi functions
 (e.g., those provided by MIT Kerberos), depending on the requested
 mechanism, to do the work.

libgssglue1: mechanism-switch gssapi library

 libgssglue provides a gssapi interface, but does not implement any
 gssapi mechanisms itself; instead it calls other gssapi functions
 (e.g., those provided by MIT Kerberos), depending on the requested
 mechanism, to do the work.