Bug#877374: stretch-pu: shadow 1:4.4-4.1+deb9u1
Control: tag -1 moreinfo
On Sun, Oct 1, 2017 at 08:04:48 +0200, Balint Reczey wrote:
> shadow (1:4.4-4.1+deb9u1) stretch; urgency=medium
> .
> * Revert adding pts/0 and pts/1 to securetty.
> Adding pts/* defeats the purpose of securetty. Let containers add it if
> needed as described in #830255.
I'm not sure I'm comfortable with the regression risk for users from
this one. How long have those been listed in securetty?
> * Fix buffer overflow if NULL line is present in db (CVE-2017-12424)
> (Closes: #756630)
>
I guess that's ok.
Cheers,
Julien
Reply to: