[ubuntu/noble-security] oath-toolkit 2.6.11-2.1ubuntu0.1 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Wed Oct 9 13:52:56 UTC 2024
oath-toolkit (2.6.11-2.1ubuntu0.1) noble-security; urgency=medium
* SECURITY UPDATE: root escalation in liboath-pam
- debian/patches/use-fopen-gnu.patch: use gnulib's fopen-gnu
for cross-platform fopen
- debian/patches/improve-liboath-usersfile-writing.patch: improve
liboath usersfile write handling
- debian/patches/pam_oath-seteuid.patch: drop privs to user when
usersfile contains ${HOME}
- CVE-2024-47191
* Add execute_before_dh_auto_build to debian/rules to prevent man
pages regenerating
Date: 2024-10-08 15:31:15.056454+00:00
Changed-By: Julia Sarris <julia.sarris at canonical.com>
Signed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/oath-toolkit/2.6.11-2.1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list