The verification of the Stable Release Update for adsys has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.
-- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1961459 Title: adsys pam issues Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: Fix Committed Bug description: [Impact] Memory leaks in adsys pam modules. [Test Plan] 1. Install SRU version of adsys 2. Login as an user 3. Ensure that you can still login successfully. [Where problems could occur] Login can be disabled due to the PAM module crashing. There is only one code path leading to that, so easy to detect. -------------- These may not be security issues but it's possible I overlooked something; since they live in a security boundary I thought it worth reporting with a bit of hassle. If you'd rather work on this in the open, feel free to open this. pam_adsys.c update_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() -- status != 0 looks like it ought to work but I don't think that's how that API is supposed to be used pam_adsys.c pam_sm_open_session() -- gethostname() indentation is funny Thanks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961459/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
