Re: [blfs-book] [BLFS Trac] #14306: Linux-PAM-1.5.1 (CVE-2020-27780) (was: Linux-PAM-1.5.1)

BLFS Trac via blfs-book Thu, 26 Nov 2020 01:36:56 -0800

#14306: Linux-PAM-1.5.1 (CVE-2020-27780)
-------------------------+------------------------
 Reporter:  bdubbs       |       Owner:  blfs-book
     Type:  enhancement  |      Status:  new
 Priority:  high         |   Milestone:  10.1
Component:  BOOK         |     Version:  SVN
 Severity:  normal       |  Resolution:
 Keywords:               |
-------------------------+------------------------
Changes (by xry111):


 * priority:  normal => high


Comment:

 {{{
 Release 1.5.1
 * pam_unix: fixed CVE-2020-27780 - authentication bypass when a user
             doesn't exist and root password is blank
 * pam_faillock: added nodelay option to not set pam_fail_delay
 * pam_wheel: use pam_modutil_user_in_group to check for the group
 membership
              with getgrouplist where it is available
 }}}

--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/14306#comment:1>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
-- 
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Re: [blfs-book] [BLFS Trac] #14306: Linux-PAM-1.5.1 (CVE-2020-27780) (was: Linux-PAM-1.5.1)

Reply via email to