pam-python vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

* Ubuntu 18.04 LTS

Summary

Pam-python could be made to crash or run programs as an
administrator if certain environment variables are set.

Software Description

* pam-python - Enables PAM modules to be written in Python

Details

Malte Kraus discovered that Pam-python mishandled certain
environment variables. A local attacker could potentially use this
vulnerability to execute programs as root.

Update instructions

The problem can be corrected by updating your system to the
following package versions:

Ubuntu 18.04 LTS
libpam-python - 1.0.6-1.1+deb10u1build0.18.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary
changes.

References

* CVE-2019-16729

--- Mystic BBS v1.12 A46 (Linux/64)
* Origin: BZ&BZ BBS (21:4/110)

pam-python vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

* Ubuntu 16.04 LTS

Summary

Pam-python could be made to crash or run programs as an
administrator if certain environment variables are set.

Software Description

* pam-python - Enables PAM modules to be written in Python

Details

Malte Kraus discovered that Pam-python mishandled certain
environment variables. A local attacker could potentially use this
vulnerability to execute programs as root.

Update instructions

The problem can be corrected by updating your system to the
following package versions:

Ubuntu 16.04 LTS
libpam-python - 1.0.4-1.1+deb8u1build0.16.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary
changes.

References

* USN-4552-1
* CVE-2019-16729

--- Mystic BBS v1.12 A46 (Linux/64)
* Origin: BZ&BZ BBS (21:4/110)