[Pkg-shadow-devel] shadow 220.127.116.11 released - security bug fix
nicolas.francois at centraliens.net
Sun Nov 23 01:25:50 UTC 2008
I've released shadow 18.104.22.168 to fix two security bugs for login.
Debian and derivatives are affected.
Fedora is not affected (the login used by Fedora is coming from
Gentoo is probably affected.
You can find the 22.214.171.124 archive in:
Here is the comprehensive changelog for this release:
shadow-126.96.36.199 -> shadow-188.8.131.52 23-11-2008
- Fix a race condition in login that could lead to gaining ownership or
changing mode of arbitrary files.
- Fix a possible login DOS, which could be caused by injecting forged
entries in utmp.
More information about the Pkg-shadow-devel