OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/pam_krb5?expand=0&rev=31

pam_krb5-2.3.4-1.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:6b9cbb260a50085c22107d06c2e73d6f757a1e3901e2eae61406b90bed9e59da
-size 426907

pam_krb5-2.3.5-1.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:cfaeb97b1aeaa76749743d4c34bab86a955354e0a2ee0d929df91955dde3f8f0
+size 428279

pam_krb5.changes

@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Mon Jun  8 09:52:00 CEST 2009 - mc@suse.de
+
+- update to version 2.333.5
+  * make prompting behavior for non-existent accounts and users who
+    just press enter match up with those who aren't/don't (#502602,
+    CVE-2009-1384) 
+
 -------------------------------------------------------------------
 Wed May 20 11:49:22 CEST 2009 - mc@suse.de
 

pam_krb5.spec

@@ -1,5 +1,5 @@
 #
-# spec file for package pam_krb5 (Version 2.3.4)
+# spec file for package pam_krb5 (Version 2.3.5)
 #
 # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@@ -30,7 +30,7 @@ AutoReqProv:    on
 Obsoletes:      pam_krb5-64bit
 %endif
 #
-Version:        2.3.4
+Version:        2.3.5
 Release:        1
 Summary:        PAM Module for Kerberos Authentication
 Url:            http://sourceforge.net/projects/pam-krb5/
@@ -96,6 +96,11 @@ rm -rf $RPM_BUILD_ROOT
 %attr(755,root,root) /usr/bin/afs5log
 
 %changelog
+* Mon Jun 08 2009 mc@suse.de
+- update to version 2.333.5
+  * make prompting behavior for non-existent accounts and users who
+  just press enter match up with those who aren't/don't (#502602,
+  CVE-2009-1384)
 * Wed May 20 2009 mc@suse.de
 - update to version 2.3.4
   * don't request password-changing credentials using the same options