Branches for Hardy

Author: Steve Langasek
Revision Date: 2008-04-08 18:21:40 UTC

debian/local/common-{auth,password}, debian/libpam-runtime.postinst:
Add pam_smbpass as an optional module in the stack, to keep NTLM
passwords (for filesharing) in sync with the main system passwords on a
best-effort basis. LP: #208419.

Author: Marc Deslauriers
Revision Date: 2011-10-18 10:31:55 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in
    Linux-PAM/modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in Linux-PAM/modules/pam_env/pam_env.c.
  - CVE-2011-3149

Author: Steve Langasek
Revision Date: 2008-04-22 18:53:37 UTC

* debian/patches-applied/ubuntu-no-error-if-missingok: add a new, magic
  module option 'missingok' which will suppress logging of errors by
  libpam if the module is not found.
* debian/local/common-{auth,password}, debian/libpam-runtime.postinst:
  Use the new 'missingok' option by default for pam_smbpass, to
  correct the problem of very loud logging introduced in the previous
  upload when libpam-smbpass is not installed. LP: #216990.

Author: Marc Deslauriers
Revision Date: 2011-10-18 10:31:55 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in
    Linux-PAM/modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in Linux-PAM/modules/pam_env/pam_env.c.
  - CVE-2011-3149