[SECURITY] [DLA 2000-1] pam-python security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2000-1] pam-python security update
From: Hugo Lefeuvre <hle@debian.org>
Date: Sat, 23 Nov 2019 09:57:16 +0100
Message-id: <[🔎] 20191123085716.vqau5ua62mblsdnw@behemoth.owl.eu.com.local>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : pam-python
Version        : 1.0.4-1.1+deb8u1
CVE ID         : CVE-2019-16729
Debian Bug     : 942514

It was discovered that pam-python, a PAM Module that runs the Python
interpreter, has an issue in regard to the default environment variable
handling of Python. This issue could allow for local root escalation in certain
PAM setups.

For Debian 8 "Jessie", this problem has been fixed in version
1.0.4-1.1+deb8u1.

We recommend that you upgrade your pam-python packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl3Y89sACgkQEeMFjl5E
GkIJugv/YPnAlABsiePx5eepDYO2Qom5l8/ARczass379gkl/0p1wd3TfFD103yI
33SAgIItRkGoloMxErcZHfSfltDBMzs5hvC5m4VuoYwPpbekMMPptDpYoEx9K0aw
dZt6p7u9LMjprU6kbvcwbs75qtjCx2fe5ZHXdQN8cdgWr7mJMkcQ5EYtvFk1rUBJ
ldHJkOMIy5Ge9lAJCrYsps2LTv2HmEbQ60W3GRV1ohaLeNfiBFg2XnWk7Qu+VBEd
nIAximBlAOT1QQz60U8Z4ifhdYl00fQistHZyssvWkCZI78YhMTh0QpkSlnUUXOA
yRXUNGRvw7QjGaCuJSIQNy8DNvQdvrczM++H8HJuVqe3PVTUH0XkW7dUEfSWM29m
OTnXWZQSU6ViiqrTyi9jA3/35xJdD/9Y+2tP/f6QvG7+xMxMn3gqFegXEks7Tdcu
8gpzITKOaeu1li5rwdpeaES9gPj5NwcUBT1IKZLZFW5Aj3owHQv/eQOBZy1BRTg7
eg1+2bLS
=0OMh
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1999-1] symfony security update
Next by Date: [SECURITY] [DLA 2001-1] libofx security update
Previous by thread: [SECURITY] [DLA 1999-1] symfony security update
Next by thread: [SECURITY] [DLA 2001-1] libofx security update
Index(es):
- Date
- Thread