-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 6 May 2007 02:42:10 -0400
Source: ldap-account-manager
Binary: ldap-account-manager
Architecture: source all
Version: 0.4.9-2sarge1
Distribution: oldstable-security
Urgency: high
Maintainer: Roland Gruber <post@rolandgruber.de>
Changed-By: Noah Meyerhans <noahm@csail.mit.edu>
Description:
ldap-account-manager - webfrontend for managing Unix and Samba accounts in an LDAP direc
Changes:
ldap-account-manager (0.4.9-2sarge1) oldstable-security; urgency=high
.
* Non-maintainer upload by the security team.
* Fix improper quoting of user description field in lib/modules.inc that
lead to a cross-site scripting vulnerability. (CVE-2007-1840)
* Fix local root vulnerability in lamdaemon.pl that allowed local users
to execute arbitrary code by specifying a PATH variable pointing to a
malicius rm program (CVE-2006-7191)
Files:
e35751aee6f3d2658caa7f7e605b7c69 629 web extra ldap-account-manager_0.4.9-2sarge1.dsc
6478d91210dbf13c9d49b7aa1a971be1 423988 web extra ldap-account-manager_0.4.9.orig.tar.gz
4c853e7304c431d7da29e8988bafff7a 12059 web extra ldap-account-manager_0.4.9-2sarge1.diff.gz
47e7959aedbc6f62a3c266708d8208a8 408360 web extra ldap-account-manager_0.4.9-2sarge1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGPfGuYrVLjBFATsMRAuV8AJ0Wz/SxJery3n2Tq/OEqYGQNuVfSgCbBQtJ
imGOQaDu/ubIBHNNsJPmNT4=
=TQVq
-----END PGP SIGNATURE-----
Accepted:
ldap-account-manager_0.4.9-2sarge1.diff.gz
to pool/main/l/ldap-account-manager/ldap-account-manager_0.4.9-2sarge1.diff.gz
ldap-account-manager_0.4.9-2sarge1.dsc
to pool/main/l/ldap-account-manager/ldap-account-manager_0.4.9-2sarge1.dsc
ldap-account-manager_0.4.9-2sarge1_all.deb
to pool/main/l/ldap-account-manager/ldap-account-manager_0.4.9-2sarge1_all.deb
