~ubuntu-core-dev/ubuntu/+source/pam/+git/pam:natty

Last commit made on 2019-02-13
Get this branch:
git clone -b natty https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/pam/+git/pam
Members of Ubuntu Core Development Team can upload to this branch. Log in for directions.

Branch merges

Branch information

Recent commits

0f3b8f9... by Marc Deslauriers on 2011-10-18

Import Debian changes 1.1.2-2ubuntu8.4

pam (1.1.2-2ubuntu8.4) natty-security; urgency=low

  * SECURITY UPDATE: possible code execution via incorrect environment file
    parsing (LP: #874469)
    - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
      whitespace when parsing environment file in modules/pam_env/pam_env.c.
    - CVE-2011-3148
  * SECURITY UPDATE: denial of service via overflowed environment variable
    expansion (LP: #874565)
    - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
      with PAM_BUF_ERR in modules/pam_env/pam_env.c.
    - CVE-2011-3149
  * SECURITY UPDATE: code execution via incorrect environment cleaning
    - debian/patches-applied/update-motd: updated to use clean environment
      and absolute paths in modules/pam_motd/pam_motd.c.
    - CVE-2011-XXXX

ae91cc2... by Marc Deslauriers on 2011-05-31

Import Debian changes 1.1.2-2ubuntu8.3

pam (1.1.2-2ubuntu8.3) natty-security; urgency=low

  * SECURITY REGRESSION:
    - debian/patches/security-dropprivs.patch: updated patch to preserve
      ABI and prevent daemons from needing to be restarted. (LP: #790538)
    - debian/patches/autoconf.patch: refreshed

a43c870... by Marc Deslauriers on 2011-05-19

Import Debian changes 1.1.2-2ubuntu8.2

pam (1.1.2-2ubuntu8.2) natty-security; urgency=low

  * SECURITY UPDATE: multiple issues with lack of adequate privilege
    dropping
    - debian/patches/security-dropprivs.patch: introduce new privilege
      dropping code in libpam/pam_modutil_priv.c, libpam/Makefile.*,
      libpam/include/security/pam_modutil.h, libpam/libpam.map,
      modules/pam_env/pam_env.c, modules/pam_mail/pam_mail.c,
      modules/pam_xauth/pam_xauth.c.
    - CVE-2010-3430
    - CVE-2010-3431
    - CVE-2010-3435
    - CVE-2010-4706
    - CVE-2010-4707
  * SECURITY UPDATE: privilege escalation via incorrect environment
    - debian/patches/CVE-2010-3853.patch: use clean environment in
      modules/pam_namespace/pam_namespace.c.
    - CVE-2010-3853
  * debian/patches-applied/series: disable hurd_no_setfsuid patch, as it
    isn't needed for Ubuntu, and it needs to be rewritten to work with the
    massive privilege refactoring in the security patches.

c0c54a7... by Dustin Kirkland  on 2011-04-27

Import Debian changes 1.1.2-2ubuntu8.1

pam (1.1.2-2ubuntu8.1) natty-proposed; urgency=low

  * debian/patches-applied/update-motd: santize the environment before
    calling run-parts, LP: #610125

1ac0e56... by Stéphane Graber on 2011-04-12

releasing version 1.1.2-2ubuntu8

de9c65f... by Steve Langasek on 2011-04-05

releasing version 1.1.2-2ubuntu7

539d55a... by Steve Langasek on 2011-04-05

debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:
bump the hard limit for number of file descriptors, to keep pace with
the changes in the kernel. Fortunately this shadowing should all go
away next cycle when we can start to grab defaults directly from /proc.
LP: #663090

8e2114d... by Steve Langasek on 2011-03-29

releasing version 1.1.2-2ubuntu6

c7af0a7... by Steve Langasek on 2011-03-29

debian/libpam0g.postinst: according to Kubuntu developers, kdm no longer
keeps libpam loaded persistently at runtime, so it's not necessary to
force a kdm restart on ABI bump. Which is good, since restarting kdm
now seems to also log users out of running sessions, which we rather
want to avoid. LP: #744944.

818ab7d... by Steve Langasek on 2011-03-22

releasing version 1.1.2-2ubuntu5