Viewing all changes in revision 16.
- Committer: Bazaar Package Importer
- Date: 2010-07-21 13:54:00 UTC
- Revision ID: james.westby@ubuntu.com-20100721135400-b3icuofpj0tgzmye
* SECURITY UPDATE: local access restrictions bypass.
- Set the Administrator account as disabled when first provisioned.
- Explicitly mark lsassd local provider accounts accounts as disabled
if the account exists in its initial provisioned state
- Force pam password changes, when run under the context of root services,
to require the existing password for authentication
- Enforce the "user cannot change password" field on local provider
account in the provider interface as well as the RPC server interface
- CVE-2010-0833
* likewise-open.postinst
- Ensure that lsassd is properly restarted after upgrade
- Set the Administrator account as disabled when first provisioned.
- Explicitly mark lsassd local provider accounts accounts as disabled
if the account exists in its initial provisioned state
- Force pam password changes, when run under the context of root services,
to require the existing password for authentication
- Enforce the "user cannot change password" field on local provider
account in the provider interface as well as the RPC server interface
- CVE-2010-0833
* likewise-open.postinst
- Ensure that lsassd is properly restarted after upgrade
- files added:
- debian/patches/lp-security-CVE-2010-0833.diff
- files modified:
- debian/changelog
expand all
collapse all
added
removed
