From bcf03cab9b41de1d9b3c3a4b389ccc298a505f76 Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Tue, 11 Aug 2020 16:39:08 -0700 Subject: debian/patches-applied/cve-2010-4708.patch: drop, applied upstream. --- debian/changelog | 1 + debian/patches-applied/cve-2010-4708.patch | 53 ------------------------------ debian/patches-applied/series | 1 - 3 files changed, 1 insertion(+), 54 deletions(-) delete mode 100644 debian/patches-applied/cve-2010-4708.patch (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index ebfde748..82d8b2dd 100644 --- a/debian/changelog +++ b/debian/changelog @@ -4,6 +4,7 @@ pam (1.4.0-1) UNRELEASED; urgency=medium - Stop using obsoleted selinux headers. Closes: #956355. * Drop patches to implement "nullok_secure" option for pam_unix. Closes: #674857, #936071, LP: #1860826. + * debian/patches-applied/cve-2010-4708.patch: drop, applied upstream. -- Steve Langasek Tue, 11 Aug 2020 14:58:13 -0700 diff --git a/debian/patches-applied/cve-2010-4708.patch b/debian/patches-applied/cve-2010-4708.patch deleted file mode 100644 index 0ab2a8e4..00000000 --- a/debian/patches-applied/cve-2010-4708.patch +++ /dev/null @@ -1,53 +0,0 @@ -Description: fix cve-2010-4708: .pam_environment privilege issue -Index: pam/modules/pam_env/pam_env.c -=================================================================== ---- pam.orig/modules/pam_env/pam_env.c -+++ pam/modules/pam_env/pam_env.c -@@ -10,7 +10,7 @@ - #define DEFAULT_READ_ENVFILE 1 - - #define DEFAULT_USER_ENVFILE ".pam_environment" --#define DEFAULT_USER_READ_ENVFILE 1 -+#define DEFAULT_USER_READ_ENVFILE 0 - - #include "config.h" - -Index: pam/modules/pam_env/pam_env.8.xml -=================================================================== ---- pam.orig/modules/pam_env/pam_env.8.xml -+++ pam/modules/pam_env/pam_env.8.xml -@@ -158,7 +158,7 @@ - - - Turns on or off the reading of the user specific environment -- file. 0 is off, 1 is on. By default this option is on. -+ file. 0 is off, 1 is on. By default this option is off. - - - -Index: pam/modules/pam_env/pam_env.8 -=================================================================== ---- pam.orig/modules/pam_env/pam_env.8 -+++ pam/modules/pam_env/pam_env.8 -@@ -101,7 +101,7 @@ - .PP - \fBuser_readenv=\fR\fB\fI0|1\fR\fR - .RS 4 --Turns on or off the reading of the user specific environment file\&. 0 is off, 1 is on\&. By default this option is on\&. -+Turns on or off the reading of the user specific environment file\&. 0 is off, 1 is on\&. By default this option is off\&. - .RE - .SH "MODULE TYPES PROVIDED" - .PP -Index: pam/modules/pam_env/README -=================================================================== ---- pam.orig/modules/pam_env/README -+++ pam/modules/pam_env/README -@@ -57,7 +57,7 @@ - user_readenv=0|1 - - Turns on or off the reading of the user specific environment file. 0 is -- off, 1 is on. By default this option is on. -+ off, 1 is on. By default this option is off. - - EXAMPLES - diff --git a/debian/patches-applied/series b/debian/patches-applied/series index 4e56e9ce..689f2dcf 100644 --- a/debian/patches-applied/series +++ b/debian/patches-applied/series @@ -14,7 +14,6 @@ do_not_check_nis_accidentally hurd_no_setfsuid 040_pam_limits_log_failure 045_pam_dispatch_jump_is_ignore -cve-2010-4708.patch PAM-manpage-section update-motd no_PATH_MAX_on_hurd -- cgit v1.2.3