Linux-PAM 1.5.1 released
Dmitry V. Levin
ldv at altlinux.org
Wed Nov 25 18:34:53 UTC 2020
Hello,
I'm happy to announce that Linux-PAM 1.5.1 has been released.
Noteworthy changes in Linux-PAM 1.5.1:
* pam_unix: fixed CVE-2020-27780 - authentication bypass when a user
doesn't exist and root password is blank
* pam_faillock: added nodelay option to not set pam_fail_delay
* pam_wheel: use pam_modutil_user_in_group to check for the group membership
with getgrouplist where it is available
Release link with the tarballs and their signatures for download:
https://github.com/linux-pam/linux-pam/releases/tag/v1.5.1
Dmitry V. Levin, Tomas Mraz, Thorsten Kukuk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pam-list/attachments/20201125/39fd5ab9/attachment.sig>
More information about the Pam-list
mailing list