Format: 1.7
Date: Wed, 11 Feb 2009 08:21:28 -0500
Source: libpam-krb5
Binary: libpam-krb5
Architecture: ia64
Version: 3.10-1ubuntu0.8.04.1
Distribution: hardy
Urgency: low
Maintainer: Ubuntu/ia64 Build Daemon <buildd@hooker.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libpam-krb5 - PAM module for MIT Kerberos
Changes: 
 libpam-krb5 (3.10-1ubuntu0.8.04.1) hardy-security; urgency=low
 .
   * SECURITY UPDATE: local privilege escalation from incorrect API when used
     with setuid applications.
     - context.c, options.c: use krb5_init_secure_context() if we are setuid or
       setgid.
     - CVE-2009-0360
   * SECURITY UPDATE: local file overwrite by pam_setcred when used with setuid
     applications and KRB5CCNAME environment variable.
     - api-auth.c: bail out in pam_sm_setcred() if we are setuid or setgid.
     - CVE-2009-0361
Files: 
 9a975e96817a5d962b4e30b6be7f2e04 84060 net optional libpam-krb5_3.10-1ubuntu0.8.04.1_ia64.deb
Original-Maintainer: Russ Allbery <rra@debian.org>