libpam-krb5 3.10-1ubuntu0.8.04.1 source package in Ubuntu

Changelog

libpam-krb5 (3.10-1ubuntu0.8.04.1) hardy-security; urgency=low

  * SECURITY UPDATE: local privilege escalation from incorrect API when used
    with setuid applications.
    - context.c, options.c: use krb5_init_secure_context() if we are setuid or
      setgid.
    - CVE-2009-0360
  * SECURITY UPDATE: local file overwrite by pam_setcred when used with setuid
    applications and KRB5CCNAME environment variable.
    - api-auth.c: bail out in pam_sm_setcred() if we are setuid or setgid.
    - CVE-2009-0361

 -- Marc Deslauriers <email address hidden>   Wed, 11 Feb 2009 08:21:28 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2009-02-11
Uploaded to:
Hardy
Original maintainer:
Ubuntu Development Team
Architectures:
any
Section:
net
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
libpam-krb5_3.10.orig.tar.gz 152.6 KiB e1760284417a8a4b4ffe0889bffc8cf05869d5ead680d50931e714a1a97a86db
libpam-krb5_3.10-1ubuntu0.8.04.1.diff.gz 12.0 KiB f8b72c42890408436d15bf832627171032e0b38c7268c2deadcc605c3971296d
libpam-krb5_3.10-1ubuntu0.8.04.1.dsc 816 bytes de0dbbc635014202f0c9e84062525772c2df083e409c53f37643df1a841a36dd

View changes file

Binary packages built by this source

libpam-krb5: No summary available for libpam-krb5 in ubuntu hardy.

No description available for libpam-krb5 in ubuntu hardy.