Your message dated Mon, 15 Jun 2026 20:59:13 -0600
with message-id <[email protected]>
and subject line Over taken by events
has caused the Debian Bug report #1110326,
regarding pam: needs to be upgraded after apparmor to avoid broken login
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1110326: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110326
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: pam
Version: 1.7.0-5
Severity: grave
Justification: may breaks the whole system (loggin)
X-Debbugs-CC: [email protected]
X-Debbugs-CC: Debian Security Team <[email protected]>
Hi,
Following fix of CVE-2024-10041 pam now use /usr/sbin/unix_chkpwd
inconditionnaly
If someone use apparmor login or user then login will fail, may be some time
latter due to expired password or other unix configuration
see https://bugzilla.opensuse.org/show_bug.cgi?id=1219139
https://salsa.debian.org/apparmor-team/apparmor/-/commit/243162ca2938b391724f547596787c7f77d1fc5f
I order to be in the safe side could you add Breaks: apparmor-profiles (<<
4.1.0-1~) or may be Pre-Depends:
apparmor need to be updated before pam.
I know it is late in the release cycle, but I just detected trying to debug
stuff for pam.
Maybe postone
Thanks
rouca
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
--- Begin Message ---
This did not make it into trixie, and so it definitely does not affect
unstable.
If it's just samba being broken, it's probably not worth a trixie
update.
--- End Message ---
