pam (1.1.1-2ubuntu5.4) lucid-security; urgency=low
* SECURITY UPDATE: possible code execution via incorrect environment file
parsing (LP: #874469)
- debian/patches-applied/CVE-2011-3148.patch: correctly count leading
whitespace when parsing environment file in modules/pam_env/pam_env.c.
- CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
expansion (LP: #874565)
- debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
with PAM_BUF_ERR in modules/pam_env/pam_env.c.
- CVE-2011-3149
* SECURITY UPDATE: code execution via incorrect environment cleaning
- debian/patches-applied/update-motd: updated to use clean environment
and absolute paths in modules/pam_motd/pam_motd.c.
- CVE-2011-XXXX
Date: Tue, 18 Oct 2011 10:26:13 -0400
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Ubuntu Developers <[email protected]>
https://launchpad.net/ubuntu/lucid/+source/pam/1.1.1-2ubuntu5.4
Format: 1.8
Date: Tue, 18 Oct 2011 10:26:13 -0400
Source: pam
Binary: libpam0g libpam-modules libpam-runtime libpam0g-dev libpam-cracklib
libpam-doc
Architecture: source
Version: 1.1.1-2ubuntu5.4
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
libpam-cracklib - PAM module to enable cracklib support
libpam-doc - Documentation of PAM
libpam-modules - Pluggable Authentication Modules for PAM
libpam-runtime - Runtime support for the PAM library
libpam0g - Pluggable Authentication Modules library
libpam0g-dev - Development files for PAM
Launchpad-Bugs-Fixed: 874469 874565
Changes:
pam (1.1.1-2ubuntu5.4) lucid-security; urgency=low
.
* SECURITY UPDATE: possible code execution via incorrect environment file
parsing (LP: #874469)
- debian/patches-applied/CVE-2011-3148.patch: correctly count leading
whitespace when parsing environment file in modules/pam_env/pam_env.c.
- CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
expansion (LP: #874565)
- debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
with PAM_BUF_ERR in modules/pam_env/pam_env.c.
- CVE-2011-3149
* SECURITY UPDATE: code execution via incorrect environment cleaning
- debian/patches-applied/update-motd: updated to use clean environment
and absolute paths in modules/pam_motd/pam_motd.c.
- CVE-2011-XXXX
Checksums-Sha1:
e11c979a20d1b193185c8899326fbdb6b3a231af 2241 pam_1.1.1-2ubuntu5.4.dsc
84518324bf62dd8875e29235d06663706126fb16 254704 pam_1.1.1-2ubuntu5.4.diff.gz
Checksums-Sha256:
e395e90850dd0f3edaafd5bb9e9e4517359ceaa1627ea8c3012230226eb540ec 2241
pam_1.1.1-2ubuntu5.4.dsc
4b16d4c7d6267868876360edcf1ff6884f66446bf87afbea702a745f85f63649 254704
pam_1.1.1-2ubuntu5.4.diff.gz
Files:
cbfc67a68bc203e4eddb4a82e45f0f3a 2241 libs optional pam_1.1.1-2ubuntu5.4.dsc
358b3141c8fa7923f32aec6d5df0c82f 254704 libs optional
pam_1.1.1-2ubuntu5.4.diff.gz
Original-Maintainer: Steve Langasek <[email protected]>
--
Lucid-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/lucid-changes
