Ubuntu Security Notice USN-964-2
29th July, 2010
likewise-open regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.04 LTS
Summary
Regression when starting services.
Software description
- likewise-open - Authentication services for Active Directory Domains
Details
USN-964-1 fixed vulnerabilities in Likewise Open. The upstream fixes
were incomplete, which caused problems running certain services. This
update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Matt Weatherford discovered that Likewise Open did not correctly check
password expiration for the local-provider account. A local attacker could
exploit this to log into a system they would otherwise not have access to.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 10.04 LTS:
- likewise-open 5.4.0.42111-2ubuntu1.2
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.