-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 29 Jan 2009 12:42:13 -0800
Source: libpam-krb5
Binary: libpam-krb5
Architecture: source i386
Version: 2.6-1etch1
Distribution: stable-security
Urgency: high
Maintainer: Sam Hartman <hartmans@debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description:
 libpam-krb5 - PAM module for MIT Kerberos
Changes:
 libpam-krb5 (2.6-1etch1) stable-security; urgency=high
 .
   * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user
     environment variables that specify the local keytab and Kerberos
     configuration.  Protects against a privilege escalation vulnerability.
   * SECURITY (CVE-2009-0361): Protect against applications calling
     pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context.
     This API call is designed to reinitialize an existing Kerberos ticket
     cache and therefore trusts the KRB5CCNAME environment variable, but in
     a setuid context, this may allow overwriting arbitrary files.
Files:
 e24d2e134c78f26f571ae691a4dd3209 670 net optional libpam-krb5_2.6-1etch1.dsc
 5742d0fb75ac148b7748387bc295f472 119752 net optional libpam-krb5_2.6.orig.tar.gz
 93ab13d570cbb2938e703fef2f06581e 11016 net optional libpam-krb5_2.6-1etch1.diff.gz
 9d3eb6c5e1954393cde41f73b3824190 56726 net optional libpam-krb5_2.6-1etch1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkmJHCgACgkQ+YXjQAr8dHYONQCfcvM2vltiFIujGeK10cz9yaeG
QkkAmQGGaCeRnx2Q9Lr+i0IQqWNmWALb
=9k
-----END PGP SIGNATURE-----


Accepted:
libpam-krb5_2.6-1etch1.diff.gz
  to pool/main/libp/libpam-krb5/libpam-krb5_2.6-1etch1.diff.gz
libpam-krb5_2.6-1etch1.dsc
  to pool/main/libp/libpam-krb5/libpam-krb5_2.6-1etch1.dsc
libpam-krb5_2.6-1etch1_i386.deb
  to pool/main/libp/libpam-krb5/libpam-krb5_2.6-1etch1_i386.deb