[SECURITY] [DLA 2239-1] libpam-tacplus security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : libpam-tacplus
Version : 1.3.8-2+deb8u1
CVE ID : CVE-2020-13881
It was discovered that there was an issue in libpam-tacplus (a
security module for using the TACACS+ authentication service) where
shared secrets such as private server keys were being added in
the clear to various logs.
For Debian 8 "Jessie", this issue has been fixed in libpam-tacplus version
1.3.8-2+deb8u1.
We recommend that you upgrade your libpam-tacplus packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl7eUqwACgkQHpU+J9Qx
HlgKJQ/+MAJiP2J3TiC6KsVFBdj9fiHvwoIBDqVchX0CKe/GHs2DJ7khHqNtUgEY
yNYTBwuiAr8YaU1xyLtyBhsZFOR7cywwS4dyc7RNCirssip9i9PAZrgzoXOfIUkz
8YuP++d/FzvCuKtQ9IXl75azQpripzzyYZ65pPfYBlOU4wF52jm5VGKpOS7JQtCK
ezKeV6Rb/y6gapTup5C7ji7B24/N4iu7R3my9OROAFcJMw5EUn8aoPMFDaJ0ykC2
sbga/sJImT7cHs16UsdK7jassMCjIVyXMLOIkOPPyvhN7Ayipx/YEsOwrm7t2A0q
78vqtlncvwlBhN4rTpsm9tOh1fK8c81Nk1qHOJ40FF0MzaiWXVutvoEKxyEjjY7A
Mt4ZN0KONuf38CRQNi4EkAE/3rxtTCb577p/HzAgSvKV5iKbAioAUZQww0rJvF0U
bAoeXUq32KxTgNCRtLKU6A7ttUY94KAzOLwtOxSmyNz+i1Wx22Z71OmB+BF8VEck
Z91PEAd0IL3XQBEEWV7RKYSryRveQL8ySyqWbUxN43FEJKvqDYQEu2+lTssMkd8B
yxqiFMWOUqRLYjyTNDv7odWxwzMi205sAsw4S5zZflKRiZCvaaTa2pF4shiAyi3V
9Mmi9M6iIwH0PuMVaGW2z8zHYdtQRMBEMtaYxtZQM30cYCE1nkg=
=KZU/
-----END PGP SIGNATURE-----
Reply to: