-
Committer:
Bazaar Package Importer
-
Author(s):
Scott Salley
-
Date:
2010-07-21 13:54:00 UTC
-
Revision ID:
james.westby@ubuntu.com-20100721135400-b3icuofpj0tgzmye
Tags: 5.4.0.42111-2ubuntu1.1
* SECURITY UPDATE: local access restrictions bypass.
- Set the Administrator account as disabled when first provisioned.
- Explicitly mark lsassd local provider accounts accounts as disabled
if the account exists in its initial provisioned state
- Force pam password changes, when run under the context of root services,
to require the existing password for authentication
- Enforce the "user cannot change password" field on local provider
account in the provider interface as well as the RPC server interface
- CVE-2010-0833
* likewise-open.postinst
- Ensure that lsassd is properly restarted after upgrade