[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#951396: marked as done (libpam-radius-auth: CVE-2015-9542)

Your message dated Fri, 21 Feb 2020 10:49:29 +0000
with message-id <E1j55s9-0003cQ-IM@fasolo.debian.org>
and subject line Bug#951396: fixed in libpam-radius-auth 1.4.0-3
has caused the Debian Bug report #951396,
regarding libpam-radius-auth: CVE-2015-9542
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
951396: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951396
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Source: libpam-radius-auth
Version: 1.4.0-2
Severity: important
Tags: security upstream

Hi,

The following vulnerability was published for libpam-radius-auth.

CVE-2015-9542[0]:
|buffer overflow in password field

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2015-9542
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9542
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1686980
[2] https://github.com/FreeRADIUS/pam_radius/commit/01173ec
    https://github.com/FreeRADIUS/pam_radius/commit/6bae92d
    https://github.com/FreeRADIUS/pam_radius/commit/ac2c1677

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
--- Begin Message --- 
Source: libpam-radius-auth
Source-Version: 1.4.0-3
Done: Utkarsh Gupta <utkarsh@debian.org>

We believe that the bug you reported is fixed in the latest version of
libpam-radius-auth, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 951396@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Utkarsh Gupta <utkarsh@debian.org> (supplier of updated libpam-radius-auth package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 21 Feb 2020 15:47:11 +0530
Source: libpam-radius-auth
Architecture: source
Version: 1.4.0-3
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Utkarsh Gupta <utkarsh@debian.org>
Closes: 951396
Changes:
 libpam-radius-auth (1.4.0-3) unstable; urgency=medium
 .
   * QA upload
   * Add patch to fix buffer overflow in password field.
     (Fixes: CVE-2015-9542) (Closes: #951396)
   * Bump Standards-Version to 4.5.0 and dh-compat to 12
Checksums-Sha1:
 d11820cdea49142608311e32cb051212401a28ec 1876 libpam-radius-auth_1.4.0-3.dsc
 f04b32e335f1c8d35e9544e3052f115c62aee031 6256 libpam-radius-auth_1.4.0-3.debian.tar.xz
 5edf4d56c73b360c72357a59b9598db4ec7c8a2a 5967 libpam-radius-auth_1.4.0-3_amd64.buildinfo
Checksums-Sha256:
 649124d707c15ad129e5cad3fb6adf7fcdcea219a5349a4bff42ae81adbb3724 1876 libpam-radius-auth_1.4.0-3.dsc
 f9d5b9dfa2958331b0a58a6e600ee11d0ae50570f07fe635cb5e6cb788125755 6256 libpam-radius-auth_1.4.0-3.debian.tar.xz
 edaad559d04a50690a9ebc25369bbcd22eb948dd7d3b44d5dee5f71b4564b2d4 5967 libpam-radius-auth_1.4.0-3_amd64.buildinfo
Files:
 b45c7343b14d6835079980aff3e5971a 1876 admin optional libpam-radius-auth_1.4.0-3.dsc
 030d534dd574305340938bda54d3f9b8 6256 admin optional libpam-radius-auth_1.4.0-3.debian.tar.xz
 068f8a5dc117382e655438d02b78a723 5967 admin optional libpam-radius-auth_1.4.0-3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJHBAEBCAAxFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl5PsE4THHV0a2Fyc2hA
ZGViaWFuLm9yZwAKCRCCPpZ2BsNLltb1EADEfYxabi3CQ6JPcF8I86F7R0aJwkJH
GDOWHgHFQFnmZeZ0Vyf+L8wi+0PmfSKt9PO5pgl61uD7kv/oEx5flD9PJ5VPfzSh
imJVdipLB/13lhxIksy59GjQ08Yp25CdIZy3mF/8deyZYZBJ3ZAqKSlzLQO3bO7/
TPGCnzLHWoTBGufT5e5NusVhd7yQELyo+3WH4fyyHCNwjuUpbn8VScrn+ie+AsbI
YVjY4EJmbwgVrC0ZTuHcZTSwNcwO1IAFUwdHemnEx6evNO4+6yvGvmRJNURFkQVv
CQ1fkq9NuVQRePjyh4BCfHTDzQ+E9RHikODPdWyY+fHc44PxVi2KkJ9sSaNq7rPh
29407/DMSCfXoWUn+hRrsgE7HvXoaMmgBkBpHkyUmp6FfXrFzpInfUhVJ7euoaix
wjhRcL1AT8v0BtPJ0aWROmV8NI6+a0QcPk16SW9LNTc8n2NcP7WAQYovaUH8PfQ+
D39AwP/fSPctfMPMRgTXO0+20nyegvpylzmQar7TQ48EfX6g4gljNVTs2xFdLDI6
VCUQYx5YyzIX6qBL2ztOebE1q81e88OVFpMRFkh6fed+/uCTg57tPgGnyobSxnN9
TBs1b21MoRi/iV39at49zweLKRFUFdkJGhG8MgQRj1ZNUKH5F8TttB4Y25mFvofS
Psy1mLsH/4lF3A==
=xs+6
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: