Unsubscribe
> On May 4, 2016, at 2:50 PM, Salvatore Bonaccorso <car...@debian.org> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > - ------------------------------------------------------------------------- > Debian Security Advisory DSA-3567-1 secur...@debian.org > https://www.debian.org/security/ Salvatore Bonaccorso > May 04, 2016 https://www.debian.org/security/faq > - ------------------------------------------------------------------------- > > Package : libpam-sshauth > CVE ID : CVE-2016-4422 > > It was discovered that libpam-sshauth, a PAM module to authenticate > using an SSH server, does not correctly handle system users. In certain > configurations an attacker can take advantage of this flaw to gain root > privileges. > > For the stable distribution (jessie), this problem has been fixed in > version 0.3.1-1+deb8u1. > > For the testing distribution (stretch), this problem has been fixed > in version 0.4.1-2. > > For the unstable distribution (sid), this problem has been fixed in > version 0.4.1-2. > > We recommend that you upgrade your libpam-sshauth packages. > > Further information about Debian Security Advisories, how to apply > these updates to your system and frequently asked questions can be > found at: https://www.debian.org/security/ > > Mailing list: debian-security-annou...@lists.debian.org > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQIcBAEBCgAGBQJXKk9uAAoJEAVMuPMTQ89EjEEP/Re5Zlc+WLHuPuS27dD+a/av > bwaiwd5d2hfS5mPZRhb/lSw6StsHfApjuG3CXi2ZUODLcWUNQPeNP6swcFmAN8Gy > hIPbLmC127A9+ht7IqtZwMMBM3vvnKzF1+bPIgr2oep2dfE6PE2imC6wzkwSXmIG > M3Hb2NCVGvJBgQTYZLkykC0BdGWGQ5dBAwcMZzVfBGvDcs1fhWhug/lx81HbNLQc > +b58v68HyoU+HVMClsAxcsqmvZVXTm2eK95Y6iKzJfjFvuU1XtgWFfdR0LBo+zXV > uYxFXVUXBKr8QMCZt6mk8UNNglj0Jm52NuRl3KiA3mo+SA0RVZNFmr3HSLFQa0XK > y6v9jNCT7DAVe2A02F7nVj9tcjnplZ61rvt9lfHPcLQsWhM53mOEm5yucfJk9vp2 > uSujlP8WFwLVbR32zLSTEFHMFqnA20zDkYxdeinJKKeoEsn7XrTq3itNmnQoRDi9 > fswrbiVHVpc2TgSw42ek3YUPype4Ri5DkUFR47mPFUXoqeA2mNngKqUkrhIi7FC1 > VEBSNquQCX+Qn84QFqEMI958KSD6qDYcm5Exz6GXWIKlq8pAQfydO3hSWgjTcLBh > RlsVF+1dkWvcLR41eDJ7/zTIWZbJU0t//h16gLsX42dRBFDMYDawu5QoW2VGwtew > g9bjfhTxRzheV444GKXH > =PBTm > -----END PGP SIGNATURE----- >
