SHA256
1
0
forked from pool/pam
pam/Linux-PAM-1.6.0.tar.xz
Thorsten Kukuk e352b2c661 - Update to version 1.6.0
- Added support of configuration files with arbitrarily long lines.
  - build: fixed build outside of the source tree.
  - libpam: added use of getrandom(2) as a source of randomness if available.
  - libpam: fixed calculation of fail delay with very long delays.
  - libpam: fixed potential infinite recursion with includes.
  - libpam: implemented string to number conversions validation when parsing
    controls in configuration.
  - pam_access: added quiet_log option.
  - pam_access: fixed truncation of very long group names.
  - pam_canonicalize_user: new module to canonicalize user name.
  - pam_echo: fixed file handling to prevent overflows and short reads.
  - pam_env: added support of '\' character in environment variable values.
  - pam_exec: allowed expose_authtok for password PAM_TYPE.
  - pam_exec: fixed stack overflow with binary output of programs.
  - pam_faildelay: implemented parameter ranges validation.
  - pam_listfile: changed to treat \r and \n exactly the same in configuration.
  - pam_mkhomedir: hardened directory creation against timing attacks.
  - Please note that using *at functions leads to more open file handles
    during creation.
  - pam_namespace: fixed potential local DoS (CVE-2024-22365).
  - pam_nologin: fixed file handling to prevent short reads.
  - pam_pwhistory: helper binary is now built only if SELinux support is
    enabled.
  - pam_pwhistory: implemented reliable usernames handling when remembering
    passwords.
  - pam_shells: changed to allow shell entries with absolute paths only.
  - pam_succeed_if: fixed treating empty strings as numerical value 0.
  - pam_unix: added support of disabled password aging.
  - pam_unix: synchronized password aging with shadow.

OBS-URL: https://build.opensuse.org/package/show/Linux-PAM/pam?expand=0&rev=280
2024-01-18 09:18:10 +00:00

1024 KiB (Stored with Git LFS)