oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: pam

From: Josh Bressers <bressers () redhat com>
Date: Tue, 18 Oct 2011 16:24:32 -0400 (EDT)


----- Original Message -----

Hello,

Could a CVE please be assigned to the following issue:

A Debian/Ubuntu specific patch in pam, update-motd, calls the scripts
in /etc/update-motd.d as root without sanitizing the environment.

See:

https://bugs.launchpad.net/ubuntu/+source/pam/+bug/610125



Please use CVE-2011-3628.

Thanks.

-- 
    JB
Previous By Date Next
Previous By Thread Next

Current thread: