diff options
| -rw-r--r-- | debian/changelog | 9 | ||||
| -rw-r--r-- | debian/patches-applied/055_pam_unix_nullok_secure | 8 |
2 files changed, 13 insertions, 4 deletions
diff --git a/debian/changelog b/debian/changelog index 153e21ff..d6c155a2 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +pam (1.0.1-3) UNRELEASED; urgency=high + + * 055_pam_unix_nullok_secure: don't call _pammodutil_tty_secure with a NULL + tty argument, since this will cause our helper to segfault instead of + returning a useful value. Thanks to Troy Davis for the report. + Closes: #495806. + + -- Steve Langasek <vorlon@debian.org> Wed, 20 Aug 2008 11:51:51 -0700 + pam (1.0.1-2) unstable; urgency=low * 007_modules_pam_unix: update the documentation to correctly document diff --git a/debian/patches-applied/055_pam_unix_nullok_secure b/debian/patches-applied/055_pam_unix_nullok_secure index 6e4c561b..7ef6a6a2 100644 --- a/debian/patches-applied/055_pam_unix_nullok_secure +++ b/debian/patches-applied/055_pam_unix_nullok_secure @@ -56,11 +56,11 @@ Index: pam.deb/modules/pam_unix/support.c + if (on(UNIX_NULLOK_SECURE, ctrl)) { + const void *uttyname; + retval = pam_get_item(pamh, PAM_TTY, &uttyname); -+ if (retval != PAM_SUCCESS || uttyname == NULL) ++ if (retval != PAM_SUCCESS || uttyname == NULL ++ || _pammodutil_tty_secure(pamh, (const char *)uttyname) != PAM_SUCCESS) ++ { + nullok = 0; -+ -+ if (_pammodutil_tty_secure(pamh, (const char *)uttyname) != PAM_SUCCESS) -+ nullok = 0; ++ } + } + + if (nullok) { |