Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArthur de Jong <arthur@arthurdejong.org>2013-02-18 18:09:19 +0100
committerArthur de Jong <arthur@arthurdejong.org>2013-02-18 18:09:19 +0100
commitf1ae2a057de7dbbc2ab3c5b7dca0b182cbf91d6b (patch)
tree97df03d4784291c64ec3e04a0210770d88c97d13
parentdbd5dfe1c642cc757dda1621495a2899cb6bbb46 (diff)
get files ready for 0.7.15+squeeze3 release0.7.15+squeeze3
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd-0.7.15+squeeze@1927 ef36b2f9-881f-0410-afb5-c4e39611909c
-rw-r--r--debian/changelog10
1 files changed, 10 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index fcc2179..3d5cb02 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+nss-pam-ldapd (0.7.15+squeeze3) stable-security; urgency=high
+
+ * SECURITY FIX: Garth Mollett discovered that a file descriptor overflow
+ issue in the use of FD_SET() in nss-pam-ldapd can lead
+ to a stack-based buffer overflow (CVE-2013-0288)
+ this bug has been fixed by extra range checking before
+ calling FD_SET() (backported from 0.7.18) (closes: #690319)
+
+ -- Arthur de Jong <adejong@debian.org> Fri, 15 Feb 2013 23:00:00 +0100
+
nss-pam-ldapd (0.7.15+squeeze2) stable; urgency=low
* support larger gecos values (closes: #640781) (backported from 0.7.17)