Bug#877374: stretch-pu: shadow 1:4.4-4.1+deb9u1

To: Balint Reczey <balint.reczey@canonical.com>, 877374@bugs.debian.org
Subject: Bug#877374: stretch-pu: shadow 1:4.4-4.1+deb9u1
From: Julien Cristau <jcristau@debian.org>
Date: Sat, 13 Jan 2018 17:14:56 +0100
Message-id: <[🔎] 20180113161456.wlwsbhx23npy3t2w@betterave.cristau.org>
Reply-to: Julien Cristau <jcristau@debian.org>, 877374@bugs.debian.org
In-reply-to: <26d913b1-32e0-1837-7404-dd956e04cf35@canonical.com>
References: <26d913b1-32e0-1837-7404-dd956e04cf35@canonical.com> <26d913b1-32e0-1837-7404-dd956e04cf35@canonical.com>

Control: tag -1 moreinfo

On Sun, Oct  1, 2017 at 08:04:48 +0200, Balint Reczey wrote:

>  shadow (1:4.4-4.1+deb9u1) stretch; urgency=medium
>  .
>    * Revert adding pts/0 and pts/1 to securetty.
>      Adding pts/* defeats the purpose of securetty. Let containers add it if
>      needed as described in #830255.

I'm not sure I'm comfortable with the regression risk for users from
this one.  How long have those been listed in securetty?

>    * Fix buffer overflow if NULL line is present in db (CVE-2017-12424)
>      (Closes: #756630)
> 
I guess that's ok.

Cheers,
Julien

Reply to:

Follow-Ups:
- Bug#877374: stretch-pu: shadow 1:4.4-4.1+deb9u1
  - From: Balint Reczey <balint.reczey@canonical.com>

Prev by Date: Processed: Re: Bug#877374: stretch-pu: shadow 1:4.4-4.1+deb9u1
Next by Date: Processed: Re: Bug#877593: Acknowledgement (stretch-pu: package ocfs2-tools/1.8.4-4+deb9u1)
Previous by thread: Bug#887060: testing migration happened despite FTBFS on arch:all buildd
Next by thread: Processed: Re: Bug#877374: stretch-pu: shadow 1:4.4-4.1+deb9u1
Index(es):
- Date
- Thread