nss-pam-ldapd commit: r1927 - nss-pam-ldapd-0.7.15+squeeze/debian
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
nss-pam-ldapd commit: r1927 - nss-pam-ldapd-0.7.15+squeeze/debian
- From: Commits of the nss-pam-ldapd project <nss-pam-ldapd-commits [at] lists.arthurdejong.org>
- To: nss-pam-ldapd-commits [at] lists.arthurdejong.org
- Reply-to: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: nss-pam-ldapd commit: r1927 - nss-pam-ldapd-0.7.15+squeeze/debian
- Date: Mon, 18 Feb 2013 18:09:21 +0100 (CET)
Author: arthur
Date: Mon Feb 18 18:09:19 2013
New Revision: 1927
URL: http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1927&view=revision
Log:
get files ready for 0.7.15+squeeze3 release
Modified:
nss-pam-ldapd-0.7.15+squeeze/debian/changelog
Modified: nss-pam-ldapd-0.7.15+squeeze/debian/changelog
==============================================================================
--- nss-pam-ldapd-0.7.15+squeeze/debian/changelog Mon Feb 18 18:07:52
2013 (r1926)
+++ nss-pam-ldapd-0.7.15+squeeze/debian/changelog Mon Feb 18 18:09:19
2013 (r1927)
@@ -1,3 +1,13 @@
+nss-pam-ldapd (0.7.15+squeeze3) stable-security; urgency=high
+
+ * SECURITY FIX: Garth Mollett discovered that a file descriptor overflow
+ issue in the use of FD_SET() in nss-pam-ldapd can lead
+ to a stack-based buffer overflow (CVE-2013-0288)
+ this bug has been fixed by extra range checking before
+ calling FD_SET() (backported from 0.7.18) (closes: #690319)
+
+ -- Arthur de Jong <adejong@debian.org> Fri, 15 Feb 2013 23:00:00 +0100
+
nss-pam-ldapd (0.7.15+squeeze2) stable; urgency=low
* support larger gecos values (closes: #640781) (backported from 0.7.17)
--
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits/
- nss-pam-ldapd commit: r1927 - nss-pam-ldapd-0.7.15+squeeze/debian,
Commits of the nss-pam-ldapd project
