Accepted libpam-krb5 3.13-1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 11 Feb 2009 10:47:51 -0800
Source: libpam-krb5
Binary: libpam-krb5
Architecture: source i386
Version: 3.13-1
Distribution: experimental
Urgency: high
Maintainer: Russ Allbery <rra@debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description:
libpam-krb5 - PAM module for MIT Kerberos
Changes:
libpam-krb5 (3.13-1) experimental; urgency=high
.
* New upstream release.
- SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore
user environment variables that specify the local keytab and
Kerberos configuration. Protects against a privilege escalation
vulnerability.
- SECURITY (CVE-2009-0361): Protect against applications calling
pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid
context. This API call is designed to reinitialize an existing
Kerberos ticket cache and therefore trusts the KRB5CCNAME
environment variable, but in a setuid context, this may allow
overwriting arbitrary files.
* Install the upstream NEWS file as an upstream changelog.
* Add ${misc:Depends} to the package dependencies.
* Improve wording for the GPL pointer. The package may be distributed
under any version of the GPL.
Checksums-Sha1:
c67bdfae7ffa03863201c9685955d61076ce1517 1214 libpam-krb5_3.13-1.dsc
846bdda11fe473d838dfe2644ce84c98fa647580 158726 libpam-krb5_3.13.orig.tar.gz
2ebb1fb39f527b4f4e2a2e1f8e93908fc056885f 13372 libpam-krb5_3.13-1.diff.gz
7e17a8ed08f84cec5bcc4389e7d2ced06620f475 65782 libpam-krb5_3.13-1_i386.deb
Checksums-Sha256:
ef71daacabba9d916f333c01c8f6f659e26f818b2f0f5c97d0c1fdf9fa3a2ff3 1214 libpam-krb5_3.13-1.dsc
298fa3c02070d72d7fc6ef1f74fd898f6c6a0637169297be9d39b00847fdfcc8 158726 libpam-krb5_3.13.orig.tar.gz
e1e35276b585636dc6a3a5b66f0f3e47bcfeea100e118d7cdfff82b4834dc02a 13372 libpam-krb5_3.13-1.diff.gz
48c3956c215a1e0a65a3c6b133f833d2b148789c15e1b7ec3d3522f44e9a58dc 65782 libpam-krb5_3.13-1_i386.deb
Files:
b2158e9ca293d30391658edded49f814 1214 net optional libpam-krb5_3.13-1.dsc
1f69a491c45ce76065fc8055b1a7be37 158726 net optional libpam-krb5_3.13.orig.tar.gz
244c1ffe5c333d5e5fb2d814ba667d31 13372 net optional libpam-krb5_3.13-1.diff.gz
c98e2baacf38f705715aca2b1ec58720 65782 net optional libpam-krb5_3.13-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkmTI68ACgkQ+YXjQAr8dHbUTQCfTYe1Qre2nnkhqYTjkFE4uCFK
d/UAmwddc3xlofPQTSy0RSq2rrXnJrhs
=cBpq
-----END PGP SIGNATURE-----
Accepted:
libpam-krb5_3.13-1.diff.gz
to pool/main/libp/libpam-krb5/libpam-krb5_3.13-1.diff.gz
libpam-krb5_3.13-1.dsc
to pool/main/libp/libpam-krb5/libpam-krb5_3.13-1.dsc
libpam-krb5_3.13-1_i386.deb
to pool/main/libp/libpam-krb5/libpam-krb5_3.13-1_i386.deb
libpam-krb5_3.13.orig.tar.gz
to pool/main/libp/libpam-krb5/libpam-krb5_3.13.orig.tar.gz
Reply to: