[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[OATH-Toolkit-help] Bug#742140: marked as done (libpam-oath: PAM module
|
From: |
Debian Bug Tracking System |
|
Subject: |
[OATH-Toolkit-help] Bug#742140: marked as done (libpam-oath: PAM module does not check whether strdup allocations succeeded) |
|
Date: |
Tue, 19 May 2015 13:51:05 +0000 |
Your message dated Tue, 19 May 2015 13:49:09 +0000
with message-id <address@hidden>
and subject line Bug#742140: fixed in oath-toolkit 2.6.0-1
has caused the Debian Bug report #742140,
regarding libpam-oath: PAM module does not check whether strdup allocations
succeeded
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact address@hidden
immediately.)
--
742140: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742140
Debian Bug Tracking System
Contact address@hidden with problems
--- Begin Message ---
|
Subject: |
libpam-oath: PAM module does not check whether strdup allocations succeeded |
|
Date: |
Wed, 19 Mar 2014 19:49:52 +0200 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
Package: libpam-oath
Version: 2.0.2-2
Severity: grave
Tags: security upstream patch
The OATH Toolkit PAM module does not check whether strdup allocations
succeeded. This may result in null pointer dereference and application
crash.
Depending on the use of the PAM module, this may be remotely exploitable.
strdup-retval-check.patch
Description: Text Data
--- End Message ---
--- Begin Message ---
|
Subject: |
Bug#742140: fixed in oath-toolkit 2.6.0-1 |
|
Date: |
Tue, 19 May 2015 13:49:09 +0000 |
Source: oath-toolkit
Source-Version: 2.6.0-1
We believe that the bug you reported is fixed in the latest version of
oath-toolkit, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to address@hidden,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Simon Josefsson <address@hidden> (supplier of updated oath-toolkit package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing address@hidden)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 19 May 2015 14:07:52 +0200
Source: oath-toolkit
Binary: liboath-dev liboath0 oathtool oath-dbg libpam-oath
Architecture: source
Version: 2.6.0-1
Distribution: unstable
Urgency: low
Maintainer: OATH Toolkit Team <address@hidden>
Changed-By: Simon Josefsson <address@hidden>
Description:
liboath-dev - Development files for the OATH Toolkit Liboath library
liboath0 - OATH Toolkit Liboath library
libpam-oath - OATH Toolkit libpam_oath PAM module
oath-dbg - OATH Toolkit debugging symbols
oathtool - OATH Toolkit oathtool command line tool
Closes: 742140
Changes:
oath-toolkit (2.6.0-1) unstable; urgency=low
.
* New upstream release.
- Memory strdup allocation result checked. Closes: #742140.
- New symbols added.
Checksums-Sha1:
8b7aa5379387ea927fa0bd6f37bd8e9f5fe2be18 1888 oath-toolkit_2.6.0-1.dsc
47d94633917a51527c7e545885422a464f703a2b 4235568 oath-toolkit_2.6.0.orig.tar.gz
04357f1717245353c51c61e32bc0a15b8ce225dd 15628
oath-toolkit_2.6.0-1.debian.tar.xz
Checksums-Sha256:
4413fc79fe78f196c2e098567e2a76513a3da421a517817237ad8235d0db1125 1888
oath-toolkit_2.6.0-1.dsc
2346cb8a2fc75ea56934cb9867463001665772308f2d9e7fe487159d38960926 4235568
oath-toolkit_2.6.0.orig.tar.gz
5b8d5c2d49e6bb65e78c3a31510dd472017ab8f07134cab7a9751b67db1e7299 15628
oath-toolkit_2.6.0-1.debian.tar.xz
Files:
c58e712e99cc0131a73df11f0444819c 1888 devel optional oath-toolkit_2.6.0-1.dsc
f19f1c47eb7d1c609b3e244876b9ce63 4235568 devel optional
oath-toolkit_2.6.0.orig.tar.gz
a123729876df56a182a663c9b8a41d8b 15628 devel optional
oath-toolkit_2.6.0-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJVWz4IAAoJEIYLf7sy+BGd2+oIAKnNjxm496zbs1fzWE5AYuTW
WvzKtvG8xpRsXLiFZdJ2O86BXxMZuCYMN6UpwxFHkIZHqXxwagT5/6A0gCQ/1GjG
AzzjKy56DrIEh6j7YUANhdyBxqLvTXoOyVghbeZDnX0yVPPQ/sDF+61eDgepreFI
iTqI8YlGq35iwstJP4fCOUMdYZuxPo57Ci2URbgWChI+x1W+FvE1jRiryzX/RgmJ
+ZlX8GkfcUWS5sB6HZ4No+2Ve+wqv0k0rJ4FQc+GM7XcPv2YkHbskPA4fz3x81Qm
RgJO9856IKkIO32sk5R47HuQzpYnibnbxNPvgdcpXvLrZvTXiUhuYbegjjqIc2M=
=2eLk
-----END PGP SIGNATURE-----
--- End Message ---
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [OATH-Toolkit-help] Bug#742140: marked as done (libpam-oath: PAM module does not check whether strdup allocations succeeded),
Debian Bug Tracking System <=