libgssglue 0.3-4ubuntu0.1 source package in Ubuntu

Changelog

libgssglue (0.3-4ubuntu0.1) precise-security; urgency=low

  * SECURITY UPDATE: Privilege escalation via malicious environment variable
    - debian/patches/07-CVE_2011_2709.patch: Only read the GSSAPI_MECH_CONF
      environment variable in non-setuid situations. Based on upstream patch.
    - CVE-2011-2709
 -- Tyler Hicks <email address hidden>   Thu, 27 Sep 2012 21:13:08 -0700

Upload details

Uploaded by:
Tyler Hicks on 2012-09-28
Uploaded to:
Precise
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
libs
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Precise updates on 2012-10-15 main libs
Precise security on 2012-10-15 main libs

Downloads

File Size SHA-256 Checksum
libgssglue_0.3.orig.tar.bz2 252.7 KiB dc3fff746d72a7e20268ae0986c690d2c7d534c79384616edec379e9033a1151
libgssglue_0.3-4ubuntu0.1.debian.tar.bz2 8.1 KiB 0f42795c3e3edb70de8fade70d590f40b6c3a72a481fb5437c37cfd7df703967
libgssglue_0.3-4ubuntu0.1.dsc 1.9 KiB fdd3db1d61484aa7b9c9d24bdf5b9f6e7b18350320a421256937e0765d03da70

View changes file

Binary packages built by this source

libgssglue-dev: header files and docs for libgssglue

 Contains the header files and documentation for libgssglue
 for use in developing applications that use the libgssglue library.
 .
 libgssglue provides a gssapi interface, but does not implement any
 gssapi mechanisms itself; instead it calls other gssapi functions
 (e.g., those provided by MIT Kerberos), depending on the requested
 mechanism, to do the work.

libgssglue1: mechanism-switch gssapi library

 libgssglue provides a gssapi interface, but does not implement any
 gssapi mechanisms itself; instead it calls other gssapi functions
 (e.g., those provided by MIT Kerberos), depending on the requested
 mechanism, to do the work.