Accepted libpam-krb5 3.11-4 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 29 Jan 2009 15:42:10 -0800
Source: libpam-krb5
Binary: libpam-krb5
Architecture: source i386
Version: 3.11-4
Distribution: testing-security
Urgency: high
Maintainer: Russ Allbery <rra@debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description:
 libpam-krb5 - PAM module for MIT Kerberos
Changes:
 libpam-krb5 (3.11-4) testing-security; urgency=high
 .
   * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user
     environment variables that specify the local keytab and Kerberos
     configuration.  Protects against a privilege escalation vulnerability.
   * SECURITY (CVE-2009-0361): Protect against applications calling
     pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context.
     This API call is designed to reinitialize an existing Kerberos ticket
     cache and therefore trusts the KRB5CCNAME environment variable, but in
     a setuid context, this may allow overwriting arbitrary files.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkmJIKQACgkQ+YXjQAr8dHaAtgCeLYu/9RT3I0hmzJqW7b4po4ve
JJkAmwQuY3Vv0Aj99MpAO5iGa+hERutZ
=6P11
-----END PGP SIGNATURE-----
Accepted:
libpam-krb5_3.11-4.diff.gz
to pool/main/libp/libpam-krb5/libpam-krb5_3.11-4.diff.gz
libpam-krb5_3.11-4.dsc
to pool/main/libp/libpam-krb5/libpam-krb5_3.11-4.dsc
libpam-krb5_3.11-4_i386.deb
to pool/main/libp/libpam-krb5/libpam-krb5_3.11-4_i386.deb