* SECURITY UPDATE: PAM settings allowed any local user to issue remote API
commands (LP: #1031375)
- debian/patches/pam-auth-root-xapi-group: Xapi only authenticates the
root user when making API calls over HTTP. Based on Debian patch.
-- Mike McClurg <email address hidden> Thu, 26 Jul 2012 15:30:25 +0100
This bug was fixed in the package xen-api - 1.3.2-5ubuntu0.1
---------------
xen-api (1.3.2-5ubuntu0.1) precise-security; urgency=low
* SECURITY UPDATE: PAM settings allowed any local user to issue remote API patches/ pam-auth- root-xapi- group: Xapi only authenticates the
commands (LP: #1031375)
- debian/
root user when making API calls over HTTP. Based on Debian patch.
-- Mike McClurg <email address hidden> Thu, 26 Jul 2012 15:30:25 +0100