Ubuntu

“libgssglue” 0.3-4ubuntu0.1 source package in Ubuntu

Changelog

libgssglue (0.3-4ubuntu0.1) precise-security; urgency=low

  * SECURITY UPDATE: Privilege escalation via malicious environment variable
    - debian/patches/07-CVE_2011_2709.patch: Only read the GSSAPI_MECH_CONF
      environment variable in non-setuid situations. Based on upstream patch.
    - CVE-2011-2709
 -- Tyler Hicks <email address hidden>   Thu, 27 Sep 2012 21:13:08 -0700

Upload details

Uploaded by:
Tyler Hicks on 2012-09-28
Uploaded to:
Precise
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
libs
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Precise updates on 2012-10-15 main libs
Precise security on 2012-10-15 main libs

Downloads

File Size MD5 Checksum
libgssglue_0.3.orig.tar.bz2 252.7 KiB 99c660cfc85e3b5209300a5b057d4f13
libgssglue_0.3-4ubuntu0.1.debian.tar.bz2 8.1 KiB 20d010ec5384431a5a5bb9d68544e431
libgssglue_0.3-4ubuntu0.1.dsc 1.9 KiB 80d1fe6f24e71558d30d2b88afb78f38

Binary packages built by this source

libgssglue-dev: header files and docs for libgssglue

 Contains the header files and documentation for libgssglue
 for use in developing applications that use the libgssglue library.
 .
 libgssglue provides a gssapi interface, but does not implement any
 gssapi mechanisms itself; instead it calls other gssapi functions
 (e.g., those provided by MIT Kerberos), depending on the requested
 mechanism, to do the work.

libgssglue1: mechanism-switch gssapi library

 libgssglue provides a gssapi interface, but does not implement any
 gssapi mechanisms itself; instead it calls other gssapi functions
 (e.g., those provided by MIT Kerberos), depending on the requested
 mechanism, to do the work.