Debian Patches
Status for pam/1.5.2-6+deb12u2
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| upstream/0001-pam_inline-introduce-pam_asprintf-pam_snprintf-and-p.patch | pam_inline: introduce pam_asprintf(), pam_snprintf(), and pam_sprintf() pam_asprintf() is essentially asprintf() with the following semantic pam_snprintf() is essentially snprintf() with the following semantic pam_sprintf() is essentially snprintf() but with a check that the buffer is an array, and with an automatically calculated buffer size. Use of these helpers would make error checking simpler. |
"Dmitry V. Levin" <ldv@strace.io> | no | 2025-02-18 | ||
| upstream/0002-pam_namespace-from-v1.7.1.patch | pam_namespace from v1.7.1 Pull in pam_namespace from v1.7.1. We did not have any local changes, and this includes the fix for CVE-2025-6020. The commits fall into the following categories: * specific to this security issue * error handling issues that are very likely correct and that it is easier to take than to convince ourselves cannot be exploited in their own right. * Cleanup that made the patch for this security issue easier to audit and that created abstractions needed by the patch for this security issue. I.E. it's obvious that since the issue was reported the maintainers and reporters were working on cleaning up the code to get a cleaner patch to this issue. * harmless (replacing needless asprintf with strdup) |
Sam Hartman <hartmans@debian.org> | no | 2025-06-26 | ||
| 0003-pam_namespace-adjust-paths-back-to-bookworm.patch | pam_namespace: adjust paths back to bookworm The 1.7.0 code uses newer path macros for the secure config_dir. Adjust back to what bookworm expects. |
Sam Hartman <hartmans@debian.org> | no | 2025-08-10 | ||
| 0004-configure.ac-secure-memory-erasure.patch | configure.ac: secure memory erasure Check for non-optimized memory erase functions introduced in the pam_namespace fix. These are not used by the rest of the code at this time. |
=?utf-8?q?Bastien_Roucari=C3=A8s?= <rouca@debian.org> | no | 2025-07-23 |
All known versions for source package 'pam'
- 1.7.0-5 (forky, trixie, sid)
- 1.5.2-6+deb12u2 (bookworm-proposed-updates)
- 1.5.2-6+deb12u1 (bookworm)