Headline
CVE-2019-16729: Debian Package Tracker
pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Format: 1.8 Date: Wed, 18 Sep 2019 20:25:13 +1000 Source: pam-python Binary: libpam-python libpam-python-dbgsym libpam-python-doc Architecture: source amd64 all Version: 1.0.7-1 Distribution: unstable Urgency: high Maintainer: Russell Stuart [email protected] Changed-By: Russell Stuart [email protected] Description: libpam-python - Enables PAM modules to be written in Python libpam-python-doc - Documentation for the bindings provided by libpam-python Changes: pam-python (1.0.7-1) unstable; urgency=high . * New upstream. Checksums-Sha1: 13792bdb8286d2942a90e9e83cd6b8e427f108bd 1961 pam-python_1.0.7-1.dsc f2c303011b3cd61a88d3fcab845c30ceac46356c 47487 pam-python_1.0.7.orig.tar.gz 328aac8c65742534bb70fffadc44b3ff39821bc4 14444 pam-python_1.0.7-1.debian.tar.xz 8169b63698dd49bdc72969d683925fa3c8194482 49544 libpam-python-dbgsym_1.0.7-1_amd64.deb 7342e17ce735c164b9ab51469924db1b02a2860e 54216 libpam-python-doc_1.0.7-1_all.deb ad04838c6c47b83fc7684431a9b5a1b483ccd2fc 29736 libpam-python_1.0.7-1_amd64.deb fac1721938134d71f53e1612fc5cfaa5ecf1bad7 8375 pam-python_1.0.7-1_amd64.buildinfo Checksums-Sha256: a17b6b97a8595d2a7c675d2ad2ffcc5bdb758a1d110366e966928e7cea05a5b7 1961 pam-python_1.0.7-1.dsc 96ce72fe355b03b87c0eb540ecef06f33738f98f56581e81eb5bffbad1a47e07 47487 pam-python_1.0.7.orig.tar.gz e0347d1fbd8ef513b0ffab295d9a21af85023db57570f4376ac0e14bd0f97b42 14444 pam-python_1.0.7-1.debian.tar.xz 46895904cfca2594b5907c1df54ace39aeba2c4bfc16c8336b8c9745bff445d6 49544 libpam-python-dbgsym_1.0.7-1_amd64.deb 8b855eacf01205c7c0ebcb606d6263d0e9936b036f0a21e867949a48e5389b65 54216 libpam-python-doc_1.0.7-1_all.deb b8ebf514996c4082e942a30c21e03408351454729b70a84724e567be39617ed4 29736 libpam-python_1.0.7-1_amd64.deb 892564dae6899af1704003a85b5e895d00330bb027a1dbd8fb4beeabd9b468ae 8375 pam-python_1.0.7-1_amd64.buildinfo Files: 043ab8fd69c3bc5099c16e0bdaf24208 1961 admin optional pam-python_1.0.7-1.dsc 55153c1a8015a7ede87985fa6816db78 47487 admin optional pam-python_1.0.7.orig.tar.gz 1729d21155d32bd146088f4210f410ab 14444 admin optional pam-python_1.0.7-1.debian.tar.xz 2ab74a8d5fcd74b655b059b76b8d9670 49544 debug optional libpam-python-dbgsym_1.0.7-1_amd64.deb 942bc7e6443aac9c0eaca34d89db04be 54216 doc optional libpam-python-doc_1.0.7-1_all.deb 07d1730fbb343a85a8c52ce6d1c3d69f 29736 admin optional libpam-python_1.0.7-1_amd64.deb 9e7c02ea01afe05cb1441ff137cd469c 8375 admin optional pam-python_1.0.7-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEZqiOeH6lCkTWvjmorNSfiF5UUm4FAl2GJgwACgkQrNSfiF5U Um6qRw//YB6R1EoUlm6/Ox+JBrM8XdzupdBBlT94qtS3C68m9G9mkFBjLo/ANUNv td4DpGewVHQPg8lUp9+gHvRFCNFyLwjo1xCk/1DCyfZuLvIic/WB279M/Ylsv0ay GKLeEJyc6Beq6ISazgwD0ErdLC6S4SBJvaewz/7D/PnK8HeB2ZZOt5knwmELJq++ E870ZH8LDIzzkQ6DR/Ae0308ho7wVREOICM1lDIbuYaKro2+rmDPr3+cgCTfW7BM hagaFG2SMmKnJ2oT35meLGGL6fFX2vuJ+9VVkObSmYrY1RyCnAAHbd8cPOtQ/sPP 97xUSKydJOdvuKWveKG2+1WkSpbwMAcAuoqPBAUKkVHWLMdw7vURNwM9RVPLxbea noAU3aUzNTDidBNnkskTbGmu75XI2xqc6xJceXaXnszu70p8TUKwU9lDmLMNdUWj UkHJsbl6mONojIoy9L9fLdINOb6TZNS7/kgiiE7eMHizRi8zVXtsmDRXDrnhom7A ldAhc7091eT3XICLtk30g/FUHdubcDRCWnc3lpaKx3GNVcztS8UZhbhWMZGytkWe GUlrRyRDTkyt+hStKc9t524h/WxSytFq8Pn+EKnleI+wWGbGs0h6FU3UortaCFZC ngwEHFqdsPvRVAZPXKkvm/HNgSTkqdmlDv3LIkXTyxi04ktXMRI= =sYh5 -----END PGP SIGNATURE-----