[Lunar-commits] <moonbase> shadow: Version bump to 4.1.2.1
Stefan Wold
ratler at lunar-linux.org
Thu Jul 24 09:25:01 CEST 2008
commit bc3fd228659d2a4f8f3f978d8e062c0a452c2056
Author: Stefan Wold <ratler at lunar-linux.org>
Date: Thu Jul 24 09:25:01 2008 +0200
shadow: Version bump to 4.1.2.1
* SECURITY BUMP
- Fix an "audit log injection" vulnerability in login.
This vulnerability makes it easier for attackers to hide activities by
modifying portions of log events, e.g. by appending an addr= statement
to the login name.
* Minor tweaking in BUILD
* Added pam.d files I forgot to commit last bump
---
security/shadow/BUILD | 1 +
security/shadow/DETAILS | 6 +++---
security/shadow/pam.d/groupmems | 4 ++++
security/shadow/pam.d/groupmod | 4 ++++
security/shadow/pam.d/newusers | 4 ++++
5 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/security/shadow/BUILD b/security/shadow/BUILD
index 2c6e854..8a1e0b4 100644
--- a/security/shadow/BUILD
+++ b/security/shadow/BUILD
@@ -14,6 +14,7 @@
--datadir=/usr/share \
--infodir=/usr/share/info \
--mandir=/usr/share/man \
+ --localedir=/usr/share/locale \
--with-libcrypt \
--with-libcrack \
--without-selinux \
diff --git a/security/shadow/DETAILS b/security/shadow/DETAILS
index e1f5f6f..24674a1 100644
--- a/security/shadow/DETAILS
+++ b/security/shadow/DETAILS
@@ -1,16 +1,16 @@
MODULE=shadow
- VERSION=4.1.2
+ VERSION=4.1.2.1
SOURCE=$MODULE-$VERSION.tar.bz2
SOURCE2=login-1.3.defs.pam
SOURCE_URL=ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/
SOURCE2_URL=$PATCH_URL
SOURCE3_URL=$PATCH_URL
- SOURCE_VFY=sha1:ce005ce380b043dbfdbddcf0ac7b9a750217f0f6
+ SOURCE_VFY=sha1:a007e90d844d25d67a49699d508613ccea54e068
SOURCE2_VFY=sha1:92676e80ec2e8e83d0dcbd688e1e4026b647232e
WEB_SITE=http://packages.qa.debian.org/s/shadow.html
MAINTAINER=ratler at lunar-linux.org
ENTERED=20010922
- UPDATED=20080624
+ UPDATED=20080724
SHORT="Contains the shadow password file utilities"
PSAFE=no
diff --git a/security/shadow/pam.d/groupmems b/security/shadow/pam.d/groupmems
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/security/shadow/pam.d/groupmems
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/security/shadow/pam.d/groupmod b/security/shadow/pam.d/groupmod
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/security/shadow/pam.d/groupmod
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/security/shadow/pam.d/newusers b/security/shadow/pam.d/newusers
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/security/shadow/pam.d/newusers
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
More information about the Lunar-commits
mailing list