Is Ubuntu/Linux really affected by that CVE? It really looks like it is specific to Suse.
I tried to reproduce on Ubuntu what was described in the original report at SUSE https://bugzilla.suse.com/show_bug.cgi?id=1197654:

    -:user1:ALL EXCEPT 127.0.0.1

and on Ubuntu, it was the correct behaviour. Could not connect besides via 127.0.0.1.

** Bug watch added: bugzilla.suse.com/ #1197654
   https://bugzilla.suse.com/show_bug.cgi?id=1197654

--
https://bugs.launchpad.net/bugs/2006073

Title:
  PAM: CVE-2022-28321 patch not correctly applied

Status in pam package in Ubuntu:
  Fix Released

Bug description:
  In the latest update for PAM, the patch was added to "debian/patches"
  instead of "debian/patches-applied" where all other PAM patches reside.

  pam (1.3.1-5ubuntu4.4) focal-security; urgency=medium

    * SECURITY UPDATE: authentication bypass vulnerability
      - debian/patches/CVE-2022-28321.patch: pam_access: handle hostnames in
        access.conf
      - CVE-2022-28321

   -- Nishit Majithia <nishit.majit...@canonical.com>  Tue, 24 Jan 2023 17:15:43 +0530

  While building, it picks up all patches from debian/patches-applied
  but not debian/patches. The build passes but the CVE fix is not applied.
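
The failure mode in the bug description (a patch file that ships in the source package but is never applied by the build) can be caught with a pre-upload check. The script below is an added example, not part of the original report or of the pam packaging. It assumes the build applies only the patches listed in a quilt-style series file inside the applied directory; the function names and the existing-fix.patch file are constructed for the illustration.

```shell
#!/bin/sh
# Added example: flag patch files in a Debian source tree that the build
# will not apply. Assumption: only patches listed in
# debian/<applied_dir>/series are applied (quilt-style layout).

# find_unapplied_patches SRC_ROOT APPLIED_DIR
# Prints each *.patch / *.diff under SRC_ROOT/debian that lies outside
# APPLIED_DIR or is missing from its series file; returns 1 if any exist.
find_unapplied_patches() {
    root=$1; applied=$2
    series="$root/debian/$applied/series"
    # Series entries, without comments or trailing options such as -p1.
    listed=$(sed 's/#.*//' "$series" 2>/dev/null | awk 'NF {print $1}')
    out=$(find "$root/debian" -type f \( -name '*.patch' -o -name '*.diff' \) |
        sort | while IFS= read -r f; do
            rel=${f#"$root/debian/"}
            case $rel in
                "$applied"/*)
                    name=${rel#"$applied/"}
                    printf '%s\n' "$listed" | grep -Fxq -- "$name" ||
                        echo "NOT IN SERIES: debian/$rel" ;;
                *)  echo "OUTSIDE APPLIED DIR: debian/$rel" ;;
            esac
        done)
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}

# Constructed sample tree mirroring the layout described in the report:
# one applied patch, and the CVE patch dropped into debian/patches.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/debian/patches-applied" "$t/debian/patches"
    : > "$t/debian/patches-applied/existing-fix.patch"
    echo "existing-fix.patch" > "$t/debian/patches-applied/series"
    : > "$t/debian/patches/CVE-2022-28321.patch"
    echo "$t"
}

tree=$(make_sample_tree)
find_unapplied_patches "$tree" patches-applied ||
    echo "build would succeed without applying the patches above"
rm -rf "$tree"
```

A non-zero return from find_unapplied_patches can be used to fail a CI job before a security upload is published.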