Bug#212463: marked as done (pam security problem in OpenSSH again?)

To: Brian Ristuccia <brian@ristuccia.com>
Cc: 212463@bugs.debian.org, Matt Zimmerman <mdz@debian.org>
Subject: Bug#212463: marked as done (pam security problem in OpenSSH again?)
From: Colin Watson <cjwatson@debian.org>
Date: Tue, 23 Sep 2003 22:38:18 +0100
Message-id: <[🔎] 20030923213818.GA27077@riva.ucam.org>
Reply-to: Colin Watson <cjwatson@debian.org>, 212463@bugs.debian.org
In-reply-to: <[🔎] handler.212463.D212463.106435128621969.ackdone@bugs.debian.org>
References: <20030923210729.GL29549@alcor.net> <[🔎] 20030923210007.GE19245@osiris.978.org> <[🔎] handler.212463.D212463.106435128621969.ackdone@bugs.debian.org>

On Tue, Sep 23, 2003 at 05:07:29PM -0400, Matt Zimmerman wrote:
> On Tue, Sep 23, 2003 at 05:00:07PM -0400, Brian Ristuccia wrote:
> > Looks like there's some serious security problem in the PAM implementation.
> > There's been a lot of changes in this area after 1.3.6, so it's not clear if
> > the version Debian is distributing are affected. Someone, either the
> > security team or the package maintainer, should have a look.
> > 
> > http://www.securityfocus.com/archive/121/338616
> > http://www.securityfocus.com/archive/121/338617
> 
> Doesn't affect Debian at all; stable, testing or unstable.

Quite so. No PAM patches were ever taken from 3.7 into Debian 3.6.1,
because the codebases differed too much.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]

Reply to:

References:
- Bug#212463: pam security problem in OpenSSH again?
  - From: Brian Ristuccia <brian@ristuccia.com>
- Bug#212463: marked as done (pam security problem in OpenSSH again?)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#211434: failure notice
Next by Date: Bug#211644: If it helps, here's a copyright workaround
Previous by thread: Bug#212463: marked as done (pam security problem in OpenSSH again?)
Next by thread: Bug#211434: failure notice
Index(es):
- Date
- Thread