Accepted libpam-heimdal 3.10-2.1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 09 Feb 2009 15:32:19 -0800
Source: libpam-heimdal
Binary: libpam-heimdal
Architecture: source i386
Version: 3.10-2.1
Distribution: testing-security
Urgency: high
Maintainer: Matthijs Mohlmann <matthijs@cacholong.nl>
Changed-By: Russ Allbery <rra@debian.org>
Description:
libpam-heimdal - PAM module for Heimdal Kerberos 5
Changes:
libpam-heimdal (3.10-2.1) testing-security; urgency=high
.
* Non-maintainer security upload.
* SECURITY (CVE-2009-0361): Protect against applications calling
pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context.
This API call is designed to reinitialize an existing Kerberos ticket
cache and therefore trusts the KRB5CCNAME environment variable, but in
a setuid context, this may allow overwriting arbitrary files.
Checksums-Sha1:
cf0e748b4512f8f70af6aafd3cda1610ffb3df0c 1096 libpam-heimdal_3.10-2.1.dsc
2aaae960239a0875efc239cc3bdc5ae685184809 156259 libpam-heimdal_3.10.orig.tar.gz
5fc996b114ce8f7f9eb9255070585f593fe686ab 8360 libpam-heimdal_3.10-2.1.diff.gz
52b878f7d017a400d06cf0c810729c9ed26d8b00 51314 libpam-heimdal_3.10-2.1_i386.deb
Checksums-Sha256:
d2f9821c5e23b8ecce4ab82f2d6e1bb5d9e39f9a3feac6060b77a55ac8be5ed3 1096 libpam-heimdal_3.10-2.1.dsc
e1760284417a8a4b4ffe0889bffc8cf05869d5ead680d50931e714a1a97a86db 156259 libpam-heimdal_3.10.orig.tar.gz
fcf2da51970a6c504b2eaed9d10d45670748d2cbebeca25a26527a624be1c75d 8360 libpam-heimdal_3.10-2.1.diff.gz
fb0203b615b91843f2b735a65b73f12fd7afcf3d71326a0e45479f9a5937f383 51314 libpam-heimdal_3.10-2.1_i386.deb
Files:
6dabd46ba32f9ded15a4e7792a535344 1096 net optional libpam-heimdal_3.10-2.1.dsc
6ec6bd6637f8c91bf5386ed95fa975ba 156259 net optional libpam-heimdal_3.10.orig.tar.gz
e20700c7d335e61376b2cc743922334a 8360 net optional libpam-heimdal_3.10-2.1.diff.gz
96bcc457824b6e9bab29fcacba8f971c 51314 net optional libpam-heimdal_3.10-2.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkmRKHUACgkQ+YXjQAr8dHbEGQCfSRjmZy6uDjpd5ehSrJzkyIgk
30wAnR8VbXry9/0l9UuKQTsved5RTm7g
=IYDv
-----END PGP SIGNATURE-----
Accepted:
libpam-heimdal_3.10-2.1.diff.gz
to pool/main/libp/libpam-heimdal/libpam-heimdal_3.10-2.1.diff.gz
libpam-heimdal_3.10-2.1.dsc
to pool/main/libp/libpam-heimdal/libpam-heimdal_3.10-2.1.dsc
libpam-heimdal_3.10-2.1_i386.deb
to pool/main/libp/libpam-heimdal/libpam-heimdal_3.10-2.1_i386.deb
Reply to: