[ubuntu/noble-updates] oath-toolkit 2.6.11-2.1ubuntu0.1 (Accepted)

[Ubuntu Archive Robot]

oath-toolkit (2.6.11-2.1ubuntu0.1) noble-security; urgency=medium

  * SECURITY UPDATE: root escalation in liboath-pam
    - debian/patches/use-fopen-gnu.patch: use gnulib's fopen-gnu
      for cross-platform fopen
    - debian/patches/improve-liboath-usersfile-writing.patch: improve
      liboath usersfile write handling
    - debian/patches/pam_oath-seteuid.patch: drop privs to user when
      usersfile contains ${HOME}
    - CVE-2024-47191
  * Add execute_before_dh_auto_build to debian/rules to prevent man
      pages regenerating

Date: 2024-10-08 15:31:15.056454+00:00
Changed-By: Julia Sarris <julia.sarris at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/oath-toolkit/2.6.11-2.1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.