Module Name: src Committed By: bouyer Date: Sat Nov 19 14:00:18 UTC 2011
Modified Files: src/doc [netbsd-5]: CHANGES-5.2 Log Message: ticket 1696 To generate a diff of this commit: cvs rdiff -u -r1.1.2.116 -r1.1.2.117 src/doc/CHANGES-5.2 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/doc/CHANGES-5.2 diff -u src/doc/CHANGES-5.2:1.1.2.116 src/doc/CHANGES-5.2:1.1.2.117 --- src/doc/CHANGES-5.2:1.1.2.116 Fri Nov 18 23:27:59 2011 +++ src/doc/CHANGES-5.2 Sat Nov 19 14:00:18 2011 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.2,v 1.1.2.116 2011/11/18 23:27:59 sborrill Exp $ +# $NetBSD: CHANGES-5.2,v 1.1.2.117 2011/11/19 14:00:18 bouyer Exp $ A complete list of changes from the NetBSD 5.1 release to the NetBSD 5.2 release: @@ -5812,3 +5812,15 @@ sys/dev/pci/if_age.c 1.40 via patch not be properly reenabled after this, leading do watchdog timeouts. [bouyer, ticket #1694] +dist/openpam/lib/openpam_configure.c 1.6 + + Don't allow '/' characters in the "service" argument to pam_start() + The "service" is blindly appended to config directories ("/etc/pam.d/"), + and if a user can control the "service" it can get PAM to read config + files from any location. + This is not a problem with most software because the "service" is + usually a constant string. The check protects 3rd party software + from being abused. + (CVE-2011-4122) + [drochner, ticket #1696] +