summaryrefslogtreecommitdiff
path: root/debian/patches-applied/cve-2011-4708.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches-applied/cve-2011-4708.patch')
-rw-r--r--debian/patches-applied/cve-2011-4708.patch12
1 files changed, 12 insertions, 0 deletions
diff --git a/debian/patches-applied/cve-2011-4708.patch b/debian/patches-applied/cve-2011-4708.patch
new file mode 100644
index 00000000..b0413ff9
--- /dev/null
+++ b/debian/patches-applied/cve-2011-4708.patch
@@ -0,0 +1,12 @@
+Description: fix cve-2011-4708: .pam_environment privilege issue
+--- pam-1.1.3.orig/modules/pam_env/pam_env.c
++++ pam-1.1.3/modules/pam_env/pam_env.c
+@@ -10,7 +10,7 @@
+ #define DEFAULT_READ_ENVFILE 1
+
+ #define DEFAULT_USER_ENVFILE ".pam_environment"
+-#define DEFAULT_USER_READ_ENVFILE 1
++#define DEFAULT_USER_READ_ENVFILE 0
+
+ #include "config.h"
+