pam source package in Ubuntu


pam ( hardy-security; urgency=low

  * SECURITY UPDATE: denial of service or privilege escalation via
    non-ASCII usernames
    - debian/patches/CVE-2009-0887.patch: fix signedness error in
    - CVE-2009-0887
  * SECURITY UPDATE: multiple issues with lack of adequate privilege
    - debian/patches/security-dropprivs.patch: introduce new privilege
      dropping code in libpam/pam_modutil_priv.c, libpam/Makefile.*,
      libpam/include/security/pam_modutil.h, libpam/,
      modules/pam_env/pam_env.c, modules/pam_mail/pam_mail.c,
    - CVE-2010-3316
    - CVE-2010-3430
    - CVE-2010-3431
    - CVE-2010-3435
    - CVE-2010-4706
    - CVE-2010-4707
  * SECURITY UPDATE: privilege escalation via incorrect environment
    - debian/patches/CVE-2010-3853.patch: use clean environment in
    - CVE-2010-3853
  * debian/patches-applied/series: disable hurd_no_setfsuid patch, as it
    isn't needed for Ubuntu, and it needs to be rewritten to work with the
    massive privilege refactoring in the security patches.
  * debian/control: added Pre-Depends to libpam-modules so it won't get
    updated without pulling in the updated libpam0g.
 -- Marc Deslauriers <email address hidden>   Wed, 25 May 2011 10:16:14 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2011-05-25
Uploaded to:
Original maintainer:
Ubuntu Developers
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section


File Size MD5 Checksum
pam_0.99.7.1.orig.tar.gz 1.3 MiB 36e7ac3e5adc8de0052cf3206887584c
pam_0.99.7.1-5ubuntu6.3.diff.gz 133.8 KiB 09de64a2252a663f7dabeae4ccf5a304
pam_0.99.7.1-5ubuntu6.3.dsc 1.8 KiB 0eba5874a67bc0c500718790e616c123

View changes file

Binary packages built by this source

libpam-cracklib: PAM module to enable cracklib support

 This package includes libpam_cracklib, a PAM module that tests
 passwords to make sure they are not too weak during password change.

libpam-doc: Documentation of PAM

 Contains documentation (in HTML, ASCII, and PostScript format) for
 libpam, the Pluggable Authentication Modules library, a suite of shared
 libraries that enable the local system administrator to choose how
 applications authenticate users.

libpam-modules: Pluggable Authentication Modules for PAM

 This package completes the set of modules for PAM. It includes the
  pam_unix_*.so module as well as some specialty modules.

libpam-runtime: Runtime support for the PAM library

 Contains configuration files and directories required for
 authentication to work on Debian systems. This package is required
 on almost all installations.

libpam0g: Pluggable Authentication Modules library

 Contains the C shared library for Linux-PAM, a suite of shared
 libraries that enable the local system administrator to choose how
 applications authenticate users. In other words, without rewriting
 or recompiling a PAM-aware application, it is possible to switch
 between the authentication mechanism(s) it uses. One may entirely
 upgrade the local authentication system without touching the
 applications themselves.

libpam0g-dev: Development files for PAM

 Contains C header files and development shared libraries libraries for
 libpam, the pluggable authentication modules, a suite of shared libraries
 that enable the local system administrator to choose how applications
 authenticate users.
 PAM decouples applications from the authentication mechanism, making it
 possible to upgrade the authentication system without recompiling or
 rewriting the applications.