From 2bdc25a49844f9b2a645fee4b092011bcbc703af Mon Sep 17 00:00:00 2001 From: DistroBaker Date: Thu, 26 Nov 2020 09:26:40 +0000 Subject: [PATCH] Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/pam.git#15ec0223edf65e5f4ae94e790912ac879c9cab98 --- .gitignore | 2 ++ pam.spec | 7 ++++++- sources | 4 ++-- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 6feb1e9..c51dde3 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,5 @@ /Linux-PAM-1.4.0.tar.xz.asc /Linux-PAM-1.5.0.tar.xz /Linux-PAM-1.5.0.tar.xz.asc +/Linux-PAM-1.5.1.tar.xz +/Linux-PAM-1.5.1.tar.xz.asc diff --git a/pam.spec b/pam.spec index eb4ed04..f52479b 100644 --- a/pam.spec +++ b/pam.spec @@ -2,7 +2,7 @@ Summary: An extensible library which provides authentication for applications Name: pam -Version: 1.5.0 +Version: 1.5.1 Release: 1%{?dist} # The library is BSD licensed with option to relicense as GPLv2+ # - this option is redundant as the BSD license allows that anyway. @@ -361,6 +361,11 @@ done %doc doc/sag/*.txt doc/sag/html %changelog +* Thu Nov 26 2020 Iker Pedrosa - 1.5.1-1 +- Rebase to release 1.5.1 +- fix CVE-2020-27780: authentication bypass when the user doesn't exist + and root password is blank (#1901173) + * Wed Nov 11 2020 Iker Pedrosa - 1.5.0-1 - Rebase to release 1.5.0 - Rebase to pam-redhat-1.1.4 diff --git a/sources b/sources index 908f61d..aea6b8e 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (Linux-PAM-1.5.0.tar.xz) = 27be57465371f86c101f93c15f4475e63867c02f8f5af40d3f83b2106bfc8a46b8079302214e17f198ef903dc35b72d00b0e9bdff63ed2ecd8c69543e278f4bf -SHA512 (Linux-PAM-1.5.0.tar.xz.asc) = be90e6ebcc01933c109cb1715bcb303f29b56cb1e00b684bada804fa9d2390cec09551fefaf3529f3f12ba0f57bc83976021a0c16a42f5a3067d87dec94e5ad0 +SHA512 (Linux-PAM-1.5.1.tar.xz) = 1db091fc43b934dde220f1b85f35937fbaa0a3feec699b2e597e2cdf0c3ce11c17d36d2286d479c9eed24e8ca3ca6233214e4dff256db47249e358c01d424837 +SHA512 (Linux-PAM-1.5.1.tar.xz.asc) = c3937c57dda4d83139bfd546a8e6eccf7dda03cbd485355af78488b0629157a575d442312a3f38734e70b6c164b259597cd6d1d8dc0611cd0d157e1bbe5900d0 SHA512 (pam-redhat-1.1.4.tar.bz2) = ad3b53744505faf7c93b1f0c1ef4434c2567b97e292859963401b0c117e824704713c69f7a661cccd3aecd1208facb39c433703c1f3cdea1dbda2c380006bfc4