103659 2005-08-24 21:57 0000 sys-auth/pam_ldap authentication bypass vulnerability (CAN-2005-2641) 2005-08-31 09:10:48 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://www.kb.cert.org/vuls/id/778916 B3? [glsa] jaervosz P2 minor --- 1 jaervosz@gentoo.org security@gentoo.org pam-bugs@gentoo.org rockoo@gmail.com jaervosz@gentoo.org 2005-08-24 21:57:59 0000 Unknown vulnerability in pam_ldap before 180 does not properly handle a new password policy control, which could allow attackers to gain privileges. jaervosz@gentoo.org 2005-08-24 21:59:11 0000 PAM herd please verify and bump as needed. robbat2@gentoo.org 2005-08-24 23:08:38 0000 in cvs. hansmi@gentoo.org 2005-08-25 01:12:07 0000 Stable on hppa and ppc. Works on x86 for me, too. gustavoz@gentoo.org 2005-08-25 07:10:59 0000 sparc stable. blubb@gentoo.org 2005-08-28 05:12:06 0000 amd64 stable. removing x86 from cc since it seems that it's already marked stable koon@gentoo.org 2005-08-28 09:45:07 0000 Ready for GLSA vote. I tend to vote YES. dercorny@gentoo.org 2005-08-28 10:22:47 0000 /me says yes, too koon@gentoo.org 2005-08-29 07:50:26 0000 Make mine a full yes. GLSA needed jaervosz@gentoo.org 2005-08-31 09:10:48 0000 GLSA 200508-22