diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:38:36 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:38:36 +0000 |
| commit | f03a6cee3de793ea6afa30b147e947b215d00011 (patch) | |
| tree | c207fc88f43b0a66b17464d447cae7c98d9d41af /debian/patches-applied/cve-2010-4708.patch | |
| parent | Adding upstream version 1.3.1. (diff) | |
| download | pam-f03a6cee3de793ea6afa30b147e947b215d00011.tar.xz pam-f03a6cee3de793ea6afa30b147e947b215d00011.zip | |
Adding debian version 1.3.1-5.debian/1.3.1-5debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches-applied/cve-2010-4708.patch')
| -rw-r--r-- | debian/patches-applied/cve-2010-4708.patch | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/debian/patches-applied/cve-2010-4708.patch b/debian/patches-applied/cve-2010-4708.patch new file mode 100644 index 0000000..0ab2a8e --- /dev/null +++ b/debian/patches-applied/cve-2010-4708.patch @@ -0,0 +1,53 @@ +Description: fix cve-2010-4708: .pam_environment privilege issue +Index: pam/modules/pam_env/pam_env.c +=================================================================== +--- pam.orig/modules/pam_env/pam_env.c ++++ pam/modules/pam_env/pam_env.c +@@ -10,7 +10,7 @@ + #define DEFAULT_READ_ENVFILE 1 + + #define DEFAULT_USER_ENVFILE ".pam_environment" +-#define DEFAULT_USER_READ_ENVFILE 1 ++#define DEFAULT_USER_READ_ENVFILE 0 + + #include "config.h" + +Index: pam/modules/pam_env/pam_env.8.xml +=================================================================== +--- pam.orig/modules/pam_env/pam_env.8.xml ++++ pam/modules/pam_env/pam_env.8.xml +@@ -158,7 +158,7 @@ + <listitem> + <para> + Turns on or off the reading of the user specific environment +- file. 0 is off, 1 is on. By default this option is on. ++ file. 0 is off, 1 is on. By default this option is off. + </para> + </listitem> + </varlistentry> +Index: pam/modules/pam_env/pam_env.8 +=================================================================== +--- pam.orig/modules/pam_env/pam_env.8 ++++ pam/modules/pam_env/pam_env.8 +@@ -101,7 +101,7 @@ + .PP + \fBuser_readenv=\fR\fB\fI0|1\fR\fR + .RS 4 +-Turns on or off the reading of the user specific environment file\&. 0 is off, 1 is on\&. By default this option is on\&. ++Turns on or off the reading of the user specific environment file\&. 0 is off, 1 is on\&. By default this option is off\&. + .RE + .SH "MODULE TYPES PROVIDED" + .PP +Index: pam/modules/pam_env/README +=================================================================== +--- pam.orig/modules/pam_env/README ++++ pam/modules/pam_env/README +@@ -57,7 +57,7 @@ + user_readenv=0|1 + + Turns on or off the reading of the user specific environment file. 0 is +- off, 1 is on. By default this option is on. ++ off, 1 is on. By default this option is off. + + EXAMPLES + |