[ubuntu/jammy-security] oath-toolkit 2.6.7-3ubuntu0.1 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Wed Oct 9 13:50:59 UTC 2024
oath-toolkit (2.6.7-3ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: root escalation in liboath-pam
- debian/patches/use-fopen-gnu.patch: use gnulib's fopen-gnu
for cross-platform fopen
- debian/patches/improve-liboath-usersfile-writing.patch: improve
liboath usersfile write handling
- debian/patches/pam_oath-seteuid.patch: drop privs to user when
usersfile contains ${HOME}
- CVE-2024-47191
* Add execute_before_dh_auto_build to debian/rules to prevent man
pages regenerating
Date: 2024-10-08 15:24:19.662499+00:00
Changed-By: Julia Sarris <julia.sarris at canonical.com>
Signed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/oath-toolkit/2.6.7-3ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list