Sync from SUSE:ALP:Source:Standard:1.0 pam_u2f revision 56117e71fd3010963a422dceeeb24eba

2025-03-04 09:24:31 +01:00
parent 66ae4f258a
commit 021baffd55
6 changed files with 24 additions and 5 deletions
--- a/pam_u2f-1.3.0.tar.gz
+++ b/pam_u2f-1.3.0.tar.gz
--- a/pam_u2f-1.3.0.tar.gz.sig
+++ b/pam_u2f-1.3.0.tar.gz.sig
--- a/pam_u2f-1.3.2.tar.gz
+++ b/pam_u2f-1.3.2.tar.gz
--- a/pam_u2f-1.3.2.tar.gz.sig
+++ b/pam_u2f-1.3.2.tar.gz.sig
--- a/pam_u2f.changes
+++ b/pam_u2f.changes
@@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Tue Jan 21 13:52:59 UTC 2025 - Paolo Perego <paolo.perego@suse.com>
+
+- update to 1.3.2:
+  * Relax authfile permission check to a warning instead of an error to prevent
+    a breaking change locking existing users out of their systems. 
+
+-------------------------------------------------------------------
+Wed Jan 15 10:02:56 UTC 2025 - Paolo Perego <paolo.perego@suse.com>
+
+- update to 1.3.1:
+  * Fix incorrect usage of PAM_IGNORE (YSA-2025-01, CVE-2025-23013).
+  * Changed return value when nouserok is enabled and the user has no
+  credentials, PAM_IGNORE is used instead of PAM_SUCCESS.
+  * Hardened checks of authfile permissions.
+  * Hardened checks for nouserok.
+  * Improved debug messages.
+  * Improved documentation. 
+
 -------------------------------------------------------------------
 Sat Apr 15 12:01:02 UTC 2023 - Dirk Müller <dmueller@suse.com>

--- a/pam_u2f.spec
+++ b/pam_u2f.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package pam_u2f
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -19,7 +19,7 @@
 %{!?_pam_moduledir: %define _pam_moduledir /%{_lib}/security}

 Name:           pam_u2f
-Version:        1.3.0
+Version:        1.3.2
 Release:        0
 Summary:        U2F authentication integration into PAM
 License:        BSD-2-Clause