Accepted libpam-krb5 3.11-4 (source i386)

To: debian-testing-changes@lists.debian.org
Subject: Accepted libpam-krb5 3.11-4 (source i386)
From: Russ Allbery <rra@debian.org>
Date: Wed, 11 Feb 2009 21:02:14 +0000
Message-id: <[🔎] E1LXMDm-0001vz-DM@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 29 Jan 2009 15:42:10 -0800
Source: libpam-krb5
Binary: libpam-krb5
Architecture: source i386
Version: 3.11-4
Distribution: testing-security
Urgency: high
Maintainer: Russ Allbery <rra@debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description: 
 libpam-krb5 - PAM module for MIT Kerberos
Changes: 
 libpam-krb5 (3.11-4) testing-security; urgency=high
 .
   * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user
     environment variables that specify the local keytab and Kerberos
     configuration.  Protects against a privilege escalation vulnerability.
   * SECURITY (CVE-2009-0361): Protect against applications calling
     pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context.
     This API call is designed to reinitialize an existing Kerberos ticket
     cache and therefore trusts the KRB5CCNAME environment variable, but in
     a setuid context, this may allow overwriting arbitrary files.
Checksums-Sha1: 
 201fea96d5d9acf594e1eee4fd2b0e5ac4e23c5f 1214 libpam-krb5_3.11-4.dsc
 672fe51367c336bea93d67be41afb06bece63e4b 149399 libpam-krb5_3.11.orig.tar.gz
 23ede7186cec5d0604412bdefd1310960b483260 15156 libpam-krb5_3.11-4.diff.gz
 b773a9ea3097c01c566fd5b805c3b213ed7af8ab 61914 libpam-krb5_3.11-4_i386.deb
Checksums-Sha256: 
 fae07b1431d1d9d937105fd7a183772da23ed714c51a189f53dc9093d146e9f4 1214 libpam-krb5_3.11-4.dsc
 8bfdbc7eeb4e9db781e8c37b8da3b8c7e546c357cc2973e0b92e2cb83555b2db 149399 libpam-krb5_3.11.orig.tar.gz
 bffa5e93fbb05ac3caa1b7b36590e8fe5ef6fc7d180ba1dfe0f157acf3b9b94a 15156 libpam-krb5_3.11-4.diff.gz
 770dbb1e6c9f7a7cc29b71abbfcbba14cee3144b076abfae7dbfeda8dc257faf 61914 libpam-krb5_3.11-4_i386.deb
Files: 
 d17155b357a46e48a0202ba4a5f1ab87 1214 net optional libpam-krb5_3.11-4.dsc
 ba94e7bfd5255705b6fc1c137834f79a 149399 net optional libpam-krb5_3.11.orig.tar.gz
 225752a8e6d412024d32c6f1afa26019 15156 net optional libpam-krb5_3.11-4.diff.gz
 6a136bf7f4c6185abc540cafbde82ffd 61914 net optional libpam-krb5_3.11-4_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkmJIKQACgkQ+YXjQAr8dHaAtgCeLYu/9RT3I0hmzJqW7b4po4ve
JJkAmwQuY3Vv0Aj99MpAO5iGa+hERutZ
=6P11
-----END PGP SIGNATURE-----


Accepted:
libpam-krb5_3.11-4.diff.gz
  to pool/main/libp/libpam-krb5/libpam-krb5_3.11-4.diff.gz
libpam-krb5_3.11-4.dsc
  to pool/main/libp/libpam-krb5/libpam-krb5_3.11-4.dsc
libpam-krb5_3.11-4_i386.deb
  to pool/main/libp/libpam-krb5/libpam-krb5_3.11-4_i386.deb

Reply to:

Prev by Date: Accepted samizdat 0.6.1-3lenny1 (source all)
Next by Date: Accepted libpam-heimdal 3.10-2.1 (source i386)
Previous by thread: Accepted samizdat 0.6.1-3lenny1 (source all)
Next by thread: Accepted libpam-heimdal 3.10-2.1 (source i386)
Index(es):
- Date
- Thread