shadow 1: source package in Ubuntu


shadow (1: lucid-security; urgency=low

  * SECURITY UPDATE: could inject NIS groups memberships into /etc/passwd.
    - debian/patches/900_locale_env_sanity: actually set locale environment
      variables correctly.
    - debian/patches/901_reject_newline: reject newlines in GECOS updates.
    - CVE-2011-0721
 -- Kees Cook <email address hidden>   Mon, 14 Feb 2011 13:42:29 -0800

Upload details

Uploaded by:
Kees Cook on 2011-02-14
Uploaded to:
Original maintainer:
Ubuntu Developers
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Lucid updates on 2011-02-18 main admin
Lucid security on 2011-02-15 main admin


File Size MD5 Checksum
shadow_4.1.4.2.orig.tar.gz 2.7 MiB 0d9a6f7b631f3f3673c263685a0a6ab3
shadow_4.1.4.2-1ubuntu2.2.diff.gz 79.9 KiB 877012c903d9fdcce5d77f017f2f0584
shadow_4.1.4.2-1ubuntu2.2.dsc 2.3 KiB 788910a4c21d47240c4540f597c3fd72

View changes file

Binary packages built by this source

login: system login tools

 These tools are required to be able to login and use your system. The
 login program invokes your user shell and enables command execution. The
 newgrp program is used to change your effective group ID (useful for
 workgroup type situations). The su program allows changing your effective
 user ID (useful being able to execute commands as another user).

passwd: change and administer password and group data

 This package includes passwd, chsh, chfn, and many other programs to
 maintain password and group data.
 Shadow passwords are supported. See /usr/share/doc/passwd/README.Debian