Ubuntu
libpam-krb5 package

libpam-krb5 3.10-1ubuntu0.8.04.1 source package in Ubuntu

Changelog

libpam-krb5 (3.10-1ubuntu0.8.04.1) hardy-security; urgency=low

  * SECURITY UPDATE: local privilege escalation from incorrect API when used
    with setuid applications.
    - context.c, options.c: use krb5_init_secure_context() if we are setuid or
      setgid.
    - CVE-2009-0360
  * SECURITY UPDATE: local file overwrite by pam_setcred when used with setuid
    applications and KRB5CCNAME environment variable.
    - api-auth.c: bail out in pam_sm_setcred() if we are setuid or setgid.
    - CVE-2009-0361

 -- Marc Deslauriers <email address hidden>   Wed, 11 Feb 2009 08:21:28 -0500

Upload details

Uploaded by:: Marc Deslauriers on 2009-02-11

Uploaded to:: Hardy

Original maintainer:: Ubuntu Development Team

Architectures:: any

Section:: net

Urgency:: Low Urgency

See full publishing history Publishing

Series	Pocket	Published	Component	Section

Builds

Hardy: amd64 hppa i386 ia64 lpia powerpc sparc

Downloads

File	Size	SHA-256 Checksum
libpam-krb5_3.10.orig.tar.gz	152.6 KiB	e1760284417a8a4b4ffe0889bffc8cf05869d5ead680d50931e714a1a97a86db
libpam-krb5_3.10-1ubuntu0.8.04.1.diff.gz	12.0 KiB	f8b72c42890408436d15bf832627171032e0b38c7268c2deadcc605c3971296d
libpam-krb5_3.10-1ubuntu0.8.04.1.dsc	816 bytes	de0dbbc635014202f0c9e84062525772c2df083e409c53f37643df1a841a36dd

Available diffs

diff from 3.10-1 (in Ubuntu) to 3.10-1ubuntu0.8.04.1 (2.1 KiB)

View changes file

Binary packages built by this source

libpam-krb5: No summary available for libpam-krb5 in ubuntu hardy.: No description available for libpam-krb5 in ubuntu hardy.

Ubuntulibpam-krb5 package

libpam-krb5 3.10-1ubuntu0.8.04.1 source package in Ubuntu

Changelog

Upload details

See full publishing history Publishing

Builds

Downloads

Available diffs

Binary packages built by this source

Ubuntu
libpam-krb5 package