This bug was fixed in the package pam-pgsql - 0.6.3-0ubuntu1.8.04.1
--------------- pam-pgsql (0.6.3-0ubuntu1.8.04.1) hardy-security; urgency=low
* SECURITY UPDATE: local users may bypass authentication and gain privileges by sending <CTRL-C> at the password prompt. * pam_pgsql.c: applied Debian patch to fix operator precedence (Fixes LP: #242690) * pam_get_service.c: applied Debian patch from 0.6.3-2 to fix FTBFS * References CVE-2008-2516 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481970 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441679
-- Thierry Carrez <email address hidden> Wed, 25 Jun 2008 21:04:24 +0200
This bug was fixed in the package pam-pgsql - 0.6.3-0ubuntu1. 8.04.1
--------------- 0ubuntu1. 8.04.1) hardy-security; urgency=low
pam-pgsql (0.6.3-
* SECURITY UPDATE: local users may bypass authentication and gain bugs.debian. org/cgi- bin/bugreport. cgi?bug= 481970 bugs.debian. org/cgi- bin/bugreport. cgi?bug= 441679
privileges by sending <CTRL-C> at the password prompt.
* pam_pgsql.c: applied Debian patch to fix operator precedence
(Fixes LP: #242690)
* pam_get_service.c: applied Debian patch from 0.6.3-2 to fix FTBFS
* References
CVE-2008-2516
http://
http://
-- Thierry Carrez <email address hidden> Wed, 25 Jun 2008 21:04:24 +0200