libpam-krb5 3.10-1ubuntu0.8.10.1 source package in Ubuntu

Changelog

libpam-krb5 (3.10-1ubuntu0.8.10.1) intrepid-security; urgency=low

  * SECURITY UPDATE: local privilege escalation from incorrect API when used
    with setuid applications.
    - context.c, options.c: use krb5_init_secure_context() if we are setuid or
      setgid.
    - CVE-2009-0360
  * SECURITY UPDATE: local file overwrite by pam_setcred when used with setuid
    applications and KRB5CCNAME environment variable.
    - api-auth.c: bail out in pam_sm_setcred() if we are setuid or setgid.
    - CVE-2009-0361

 -- Marc Deslauriers <email address hidden>   Wed, 11 Feb 2009 08:21:28 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2009-02-11
Uploaded to:
Intrepid
Original maintainer:
Ubuntu Development Team
Architectures:
any
Section:
net
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
libpam-krb5_3.10.orig.tar.gz 152.6 KiB e1760284417a8a4b4ffe0889bffc8cf05869d5ead680d50931e714a1a97a86db
libpam-krb5_3.10-1ubuntu0.8.10.1.diff.gz 12.0 KiB f31e2dd43e4a3e4d7b6bd3dbee961f6069d1b62997b5e8e1f583f3bfde3417bb
libpam-krb5_3.10-1ubuntu0.8.10.1.dsc 1.2 KiB 5820b29062b81818c040bcb7a4ca1fea2aedc8ded98127be298905ac22749cf8

View changes file

Binary packages built by this source

libpam-krb5: No summary available for libpam-krb5 in ubuntu intrepid.

No description available for libpam-krb5 in ubuntu intrepid.