pam 1.1.3-2ubuntu2.1 source package in Ubuntu

Changelog

pam (1.1.3-2ubuntu2.1) oneiric-security; urgency=low

  * SECURITY UPDATE: possible code execution via incorrect environment file
    parsing (LP: #874469)
    - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
      whitespace when parsing environment file in modules/pam_env/pam_env.c.
    - CVE-2011-3148
  * SECURITY UPDATE: denial of service via overflowed environment variable
    expansion (LP: #874565)
    - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
      with PAM_BUF_ERR in modules/pam_env/pam_env.c.
    - CVE-2011-3149
  * SECURITY UPDATE: code execution via incorrect environment cleaning
    - debian/patches-applied/update-motd: updated to use clean environment
      and absolute paths in modules/pam_motd/pam_motd.c.
    - CVE-2011-XXXX
 -- Marc Deslauriers <email address hidden>   Tue, 18 Oct 2011 09:33:47 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2011-10-18
Uploaded to:
Oneiric
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
libs
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Oneiric updates on 2011-10-24 main libs
Oneiric security on 2011-10-24 main libs

Downloads

File Size MD5 Checksum
pam_1.1.3.orig.tar.gz 1.7 MiB 9a977619848cfed372d9b361e328ec99
pam_1.1.3-2ubuntu2.1.diff.gz 279.1 KiB 0f10c39785d1143c4e3509f971694407
pam_1.1.3-2ubuntu2.1.dsc 2.2 KiB 4361461f0fd0a3a0250c7c2a4b130883

View changes file

Binary packages built by this source

libpam-cracklib: PAM module to enable cracklib support

 This package includes libpam_cracklib, a PAM module that tests
 passwords to make sure they are not too weak during password change.

libpam-doc: Documentation of PAM

 Contains documentation (in HTML, ASCII, and PostScript format) for
 libpam, the Pluggable Authentication Modules library, a suite of shared
 libraries that enable the local system administrator to choose how
 applications authenticate users.

libpam-modules: Pluggable Authentication Modules for PAM

 This package completes the set of modules for PAM. It includes the
  pam_unix_*.so module as well as some specialty modules.

libpam-modules-bin: Pluggable Authentication Modules for PAM - helper binaries

 This package contains helper binaries used by the standard set of PAM
 modules in the libpam-modules package.

libpam-runtime: Runtime support for the PAM library

 Contains configuration files and directories required for
 authentication to work on Debian systems. This package is required
 on almost all installations.

libpam0g: Pluggable Authentication Modules library

 Contains the C shared library for Linux-PAM, a suite of shared
 libraries that enable the local system administrator to choose how
 applications authenticate users. In other words, without rewriting
 or recompiling a PAM-aware application, it is possible to switch
 between the authentication mechanism(s) it uses. One may entirely
 upgrade the local authentication system without touching the
 applications themselves.

libpam0g-dev: Development files for PAM

 Contains C header files and development libraries for libpam, the Pluggable
 Authentication Modules, a library that enables the local system
 administrator to choose how applications authenticate users.
 .
 PAM decouples applications from the authentication mechanism, making it
 possible to upgrade the authentication system without recompiling or
 rewriting the applications.