libpam-radius-auth 1.3.17-0ubuntu4.1 source package in Ubuntu

Changelog

libpam-radius-auth (1.3.17-0ubuntu4.1) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS via stack overflow in password field
    - debian/patches/CVE-2015-9542-1.patch: use length, which has been
      limited in size in src/pam_radius_auth.c.
    - debian/patches/CVE-2015-9542-2.patch: clear out trailing part of the
      buffer in src/pam_radius_auth.c.
    - debian/patches/CVE-2015-9542-3.patch: copy password to buffer before
      rounding length in src/pam_radius_auth.c.
    - debian/rules: added new patches.
    - CVE-2015-9542

 -- Marc Deslauriers <email address hidden>  Wed, 19 Feb 2020 07:53:50 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2020-02-19
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial updates on 2020-02-24 main libs
Xenial security on 2020-02-24 main libs

Downloads

File Size SHA-256 Checksum
libpam-radius-auth_1.3.17.orig.tar.gz 30.6 KiB 60ee863cbea797be46eff8b9d568af057c6e54335bdb19a6bd2cadde389d7dca
libpam-radius-auth_1.3.17-0ubuntu4.1.diff.gz 12.0 KiB f8fdb34f16b09f7f1f76bf9ed4be437a8cd414076bc5aa6e4a9843000e752104
libpam-radius-auth_1.3.17-0ubuntu4.1.dsc 1.8 KiB 7a80a052ff85b9d1fc474176327c12129a2d5ed0de41cd91ecd7db1b98c1aac4

View changes file

Binary packages built by this source

libpam-radius-auth: The PAM RADIUS authentication module

 This is the PAM to RADIUS authentication module. It allows any PAM-capable
 machine to become a RADIUS client for authentication and accounting
 requests. You will, however, need to supply your own RADIUS server to
 perform the actual authentication

libpam-radius-auth-dbgsym: debug symbols for package libpam-radius-auth

 This is the PAM to RADIUS authentication module. It allows any PAM-capable
 machine to become a RADIUS client for authentication and accounting
 requests. You will, however, need to supply your own RADIUS server to
 perform the actual authentication