-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 6 May 2007 02:42:10 -0400
Source: ldap-account-manager
Binary: ldap-account-manager
Architecture: source all
Version: 0.4.9-2sarge1
Distribution: oldstable-security
Urgency: high
Maintainer: Roland Gruber <[EMAIL PROTECTED]>
Changed-By: Noah Meyerhans <[EMAIL PROTECTED]>
Description:
ldap-account-manager - webfrontend for managing Unix and Samba accounts in an
LDAP direc
Changes:
ldap-account-manager (0.4.9-2sarge1) oldstable-security; urgency=high
.
* Non-maintainer upload by the security team.
* Fix improper quoting of user description field in lib/modules.inc that
lead to a cross-site scripting vulnerability. (CVE-2007-1840)
* Fix local root vulnerability in lamdaemon.pl that allowed local users
to execute arbitrary code by specifying a PATH variable pointing to a
malicius rm program (CVE-2006-7191)
Files:
e35751aee6f3d2658caa7f7e605b7c69 629 web extra
ldap-account-manager_0.4.9-2sarge1.dsc
6478d91210dbf13c9d49b7aa1a971be1 423988 web extra
ldap-account-manager_0.4.9.orig.tar.gz
4c853e7304c431d7da29e8988bafff7a 12059 web extra
ldap-account-manager_0.4.9-2sarge1.diff.gz
47e7959aedbc6f62a3c266708d8208a8 408360 web extra
ldap-account-manager_0.4.9-2sarge1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGPfGuYrVLjBFATsMRAuV8AJ0Wz/SxJery3n2Tq/OEqYGQNuVfSgCbBQtJ
imGOQaDu/ubIBHNNsJPmNT4=
=TQVq
-----END PGP SIGNATURE-----
Accepted:
ldap-account-manager_0.4.9-2sarge1.diff.gz
to pool/main/l/ldap-account-manager/ldap-account-manager_0.4.9-2sarge1.diff.gz
ldap-account-manager_0.4.9-2sarge1.dsc
to pool/main/l/ldap-account-manager/ldap-account-manager_0.4.9-2sarge1.dsc
ldap-account-manager_0.4.9-2sarge1_all.deb
to pool/main/l/ldap-account-manager/ldap-account-manager_0.4.9-2sarge1_all.deb
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
