Accepted libpam-krb5 3.13-2 (source i386)

To: debian-devel-changes@lists.debian.org
Subject: Accepted libpam-krb5 3.13-2 (source i386)
From: Russ Allbery <rra@debian.org>
Date: Tue, 17 Feb 2009 16:32:07 +0000
Message-id: <[🔎] E1LZSrf-0007Sl-JC@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 17 Feb 2009 07:50:53 -0800
Source: libpam-krb5
Binary: libpam-krb5
Architecture: source i386
Version: 3.13-2
Distribution: unstable
Urgency: high
Maintainer: Russ Allbery <rra@debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description: 
 libpam-krb5 - PAM module for MIT Kerberos
Closes: 492039 492379
Changes: 
 libpam-krb5 (3.13-2) unstable; urgency=low
 .
   * Upload to unstable.
 .
 libpam-krb5 (3.13-1) experimental; urgency=high
 .
   * New upstream release.
     - SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore
       user environment variables that specify the local keytab and
       Kerberos configuration.  Protects against a privilege escalation
       vulnerability.
     - SECURITY (CVE-2009-0361): Protect against applications calling
       pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid
       context.  This API call is designed to reinitialize an existing
       Kerberos ticket cache and therefore trusts the KRB5CCNAME
       environment variable, but in a setuid context, this may allow
       overwriting arbitrary files.
   * Install the upstream NEWS file as an upstream changelog.
   * Add ${misc:Depends} to the package dependencies.
   * Improve wording for the GPL pointer.  The package may be distributed
     under any version of the GPL.
 .
 libpam-krb5 (3.12-1) experimental; urgency=low
 .
   * New upstream release.
     - New alt_auth_map, force_alt_auth, and only_alt_auth options to map
       usernames to alternative Kerberos principals for authentication.
     - Log to authpriv, not auth.
     - Correctly log an exit status of ignore during debugging.
     - Document ssh session requirement.  (Closes: #492039)
     - Document ignore handling with [] actions.  (Closes: #492379)
   * Update to debhelper compatibility mode V7.
     - Use debhelper rule minimization except for configure.
     - Let the upstream Makefile do the installation.
   * Remove NEWS.Debian, only of interest in upgrades from sarge.
Checksums-Sha1: 
 036bb6a80627a33abfe6a2454c4d0938901da62f 1214 libpam-krb5_3.13-2.dsc
 7a388e71e1a78d8fa400393e4a73aaa936b99182 13399 libpam-krb5_3.13-2.diff.gz
 0a4314f896e487395d9559a148d9844f2145f65f 65640 libpam-krb5_3.13-2_i386.deb
Checksums-Sha256: 
 1fbabd88ec3122be6258e61fd439f3048d38b3707ff388b7ed257843e856acd0 1214 libpam-krb5_3.13-2.dsc
 1fdefd3da0ae2b21dd65a2db46150403c5fa456e588e8dac8e3978603d44e319 13399 libpam-krb5_3.13-2.diff.gz
 07bc914759334df38cf0287dd7591b318360ced19f69d85e116f8eb30a85c6f1 65640 libpam-krb5_3.13-2_i386.deb
Files: 
 4ad33a91361b5e3bbbf035cc4b2b3f77 1214 net optional libpam-krb5_3.13-2.dsc
 ece147f60624687d34770d74af073e5f 13399 net optional libpam-krb5_3.13-2.diff.gz
 5391de0bab2d4c8754c1e73d507d8f75 65640 net optional libpam-krb5_3.13-2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkma49MACgkQ+YXjQAr8dHalKACeIEzCQKqKgD11yCWfD92YoTzk
xe0An0xza26bfY3OUAWJpF9yCiQbXmji
=NThh
-----END PGP SIGNATURE-----


Accepted:
libpam-krb5_3.13-2.diff.gz
  to pool/main/libp/libpam-krb5/libpam-krb5_3.13-2.diff.gz
libpam-krb5_3.13-2.dsc
  to pool/main/libp/libpam-krb5/libpam-krb5_3.13-2.dsc
libpam-krb5_3.13-2_i386.deb
  to pool/main/libp/libpam-krb5/libpam-krb5_3.13-2_i386.deb

Reply to:

Prev by Date: Accepted dh-ocaml 0.2 (source all)
Next by Date: Accepted gtk-doc 1.11-3 (source all)
Previous by thread: Accepted dh-ocaml 0.2 (source all)
Next by thread: Accepted gtk-doc 1.11-3 (source all)
Index(es):
- Date
- Thread