========================================================================== Ubuntu Security Notice USN-4552-2 October 21, 2020
pam-python vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Pam-python could be made to crash or run programs as an administrator if certain environment variables are set. Software Description: - pam-python: Enables PAM modules to be written in Python Details: Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libpam-python 1.0.4-1.1+deb8u1build0.16.04.1 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4552-2 https://usn.ubuntu.com/4552-1 CVE-2019-16729 Package Information: https://launchpad.net/ubuntu/+source/pam-python/1.0.4-1.1+deb8u1build0.16.04.1
signature.asc
Description: OpenPGP digital signature
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
