commit pam for openSUSE:Factory

Source-Sync Fri, 20 Jun 2025 07:48:17 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package pam for openSUSE:Factory checked in 
at 2025-06-20 16:48:00
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/pam (Old)
 and      /work/SRC/openSUSE:Factory/.pam.new.31170 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "pam"

Fri Jun 20 16:48:00 2025 rev:145 rq:1286682 version:1.7.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/pam/pam.changes  2025-03-31 11:36:55.072585709 
+0200
+++ /work/SRC/openSUSE:Factory/.pam.new.31170/pam.changes       2025-06-20 
16:48:01.624825357 +0200
@@ -1,0 +2,19 @@
+Wed Jun 18 12:01:57 UTC 2025 - Thorsten Kukuk <ku...@suse.com>
+
+- hardcode disabling elogind, meson detection is unreliable in OBS
+
+-------------------------------------------------------------------
+Wed Jun 18 05:38:35 UTC 2025 - Thorsten Kukuk <ku...@suse.com>
+
+- Update to version 1.7.1
+  - pam_access: do not resolve ttys or display variables as hostnames.
+  - pam_access: added "nodns" option to disallow resolving of tokens
+    as hostnames (CVE-2024-10963).
+  - pam_limits: added support for rttime (RLIMIT_RTTIME).
+  - pam_namespace: fixed potential privilege escalation (CVE-2025-6020).
+  - meson: added support of elogind as a logind provider.
+  - Multiple minor bug fixes, build fixes, portability fixes,
+    documentation improvements, and translation updates.
+- pam_access-rework-resolving-of-tokens-as-hostname.patch got obsoleted
+
+-------------------------------------------------------------------
@@ -1244 +1262,0 @@
-

Old:
----
  Linux-PAM-1.7.0.tar.xz
  Linux-PAM-1.7.0.tar.xz.asc
  pam_access-rework-resolving-of-tokens-as-hostname.patch

New:
----
  Linux-PAM-1.7.1.tar.xz
  Linux-PAM-1.7.1.tar.xz.asc

----------(Old B)----------
  Old:    documentation improvements, and translation updates.
- pam_access-rework-resolving-of-tokens-as-hostname.patch got obsoleted
----------(Old E)----------

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ pam.spec ++++++
--- /var/tmp/diff_new_pack.mEyAWN/_old  2025-06-20 16:48:02.912878806 +0200
+++ /var/tmp/diff_new_pack.mEyAWN/_new  2025-06-20 16:48:02.912878806 +0200
@@ -70,7 +70,7 @@
 #
 Name:           pam%{name_suffix}
 #
-Version:        1.7.0
+Version:        1.7.1
 Release:        0
 Summary:        A Security Tool that Provides Authentication for Applications
 License:        GPL-2.0-or-later OR BSD-3-Clause
@@ -93,8 +93,6 @@
 Source23:       postlogin-password.pamd
 Source24:       postlogin-session.pamd
 Patch1:         pam-limit-nproc.patch
-# PATCH-FIX-UPSTREAM: CVE-2024-10963
-Patch2:         pam_access-rework-resolving-of-tokens-as-hostname.patch
 BuildRequires:  audit-devel
 BuildRequires:  bison
 BuildRequires:  flex
@@ -221,7 +219,10 @@
        -Dlogind=disabled \
        -Dpam_userdb=disabled \
        -Ddocs=disabled \
+%else
+       -Dlogind=enabled \
 %endif
+       -Delogind=disabled \
        -Dexamples=false \
        -Dnis=disabled
 %meson_build

++++++ Linux-PAM-1.7.0.tar.xz -> Linux-PAM-1.7.1.tar.xz ++++++
++++ 17131 lines of diff (skipped)

commit pam for openSUSE:Factory

Reply via email to