Format: 1.8 Date: Thu, 19 May 2011 08:40:22 -0400 Source: pam Binary: libpam0g libpam-modules libpam-modules-bin libpam-runtime libpam0g-dev libpam-cracklib libpam-doc Architecture: armel armel_translations Version: 1.1.2-2ubuntu8.2 Distribution: natty Urgency: low Maintainer: Ubuntu/armel Build Daemon Changed-By: Marc Deslauriers Description: libpam-cracklib - PAM module to enable cracklib support libpam-doc - Documentation of PAM libpam-modules - Pluggable Authentication Modules for PAM libpam-modules-bin - Pluggable Authentication Modules for PAM - helper binaries libpam-runtime - Runtime support for the PAM library libpam0g - Pluggable Authentication Modules library libpam0g-dev - Development files for PAM Changes: pam (1.1.2-2ubuntu8.2) natty-security; urgency=low . * SECURITY UPDATE: multiple issues with lack of adequate privilege dropping - debian/patches/security-dropprivs.patch: introduce new privilege dropping code in libpam/pam_modutil_priv.c, libpam/Makefile.*, libpam/include/security/pam_modutil.h, libpam/libpam.map, modules/pam_env/pam_env.c, modules/pam_mail/pam_mail.c, modules/pam_xauth/pam_xauth.c. - CVE-2010-3430 - CVE-2010-3431 - CVE-2010-3435 - CVE-2010-4706 - CVE-2010-4707 * SECURITY UPDATE: privilege escalation via incorrect environment - debian/patches/CVE-2010-3853.patch: use clean environment in modules/pam_namespace/pam_namespace.c. - CVE-2010-3853 * debian/patches-applied/series: disable hurd_no_setfsuid patch, as it isn't needed for Ubuntu, and it needs to be rewritten to work with the massive privilege refactoring in the security patches. Checksums-Sha1: 0a4f1cf2efb29385968771d07b64d51b52876dc0 47410 libpam0g_1.1.2-2ubuntu8.2_armel.deb adda55462f80602b08cc8c9a9555924797c372f9 245196 libpam-modules_1.1.2-2ubuntu8.2_armel.deb 3d3585803d897941da178158fd1b34ea72179293 40424 libpam-modules-bin_1.1.2-2ubuntu8.2_armel.deb f9e15b8e64d6d5b589959fb25a519d48129e0bbb 120518 libpam0g-dev_1.1.2-2ubuntu8.2_armel.deb 80636d56a1373f9d87de213799d736c3b8b48745 16040 libpam-cracklib_1.1.2-2ubuntu8.2_armel.deb c63ed9ed7a605b61d4f67b6d2e35fb63e134ca45 139985 pam_1.1.2-2ubuntu8.2_armel_translations.tar.gz Checksums-Sha256: 91afc0de7304e348ae6b75cb7e90945d2222587419942d501b0f643cd2547dba 47410 libpam0g_1.1.2-2ubuntu8.2_armel.deb 6507870ef7f1bdb7b9b0ad53a7062da8551770ad0218f1e2e84683e5fbb34ae9 245196 libpam-modules_1.1.2-2ubuntu8.2_armel.deb 4fac3d8b1ca531255ed07bff739d4a29d6b1959747a983afbc34bb71dbf6404f 40424 libpam-modules-bin_1.1.2-2ubuntu8.2_armel.deb 69c29469b2074ad0841b140d362c0c7f5cc73762f4eb79c07147d19f5bd76efc 120518 libpam0g-dev_1.1.2-2ubuntu8.2_armel.deb 798d1e529bcbcec0325a53853ca559bcdea396376f780df0a0a9c8304b42e249 16040 libpam-cracklib_1.1.2-2ubuntu8.2_armel.deb abcb44cab0cc60ba28b9c92be7634c1e3a933e38b92825905d9a5ea730573241 139985 pam_1.1.2-2ubuntu8.2_armel_translations.tar.gz Files: 20431b1a58bc5aa8a796097b42a4156c 47410 libs required libpam0g_1.1.2-2ubuntu8.2_armel.deb bd1faa4dd606acd7df5a0604d2ff1f15 245196 admin required libpam-modules_1.1.2-2ubuntu8.2_armel.deb b6e1199ce4ee807944106501451a5216 40424 admin required libpam-modules-bin_1.1.2-2ubuntu8.2_armel.deb 563494d60f963b54b4f3cded66bda6e6 120518 libdevel optional libpam0g-dev_1.1.2-2ubuntu8.2_armel.deb 7acf15de76ce4c0c8a886a0e39b704ce 16040 admin optional libpam-cracklib_1.1.2-2ubuntu8.2_armel.deb ef4f7766ffd70e34bd737cb7a4e1b911 139985 raw-translations - pam_1.1.2-2ubuntu8.2_armel_translations.tar.gz Original-Maintainer: Steve Langasek