Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package pam for openSUSE:Factory checked in at 2024-08-07 09:15:01 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pam (Old) and /work/SRC/openSUSE:Factory/.pam.new.7232 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pam" Wed Aug 7 09:15:01 2024 rev:139 rq:1191852 version:1.6.1 Changes: -------- --- /work/SRC/openSUSE:Factory/pam/pam.changes 2024-04-12 17:33:44.569449229 +0200 +++ /work/SRC/openSUSE:Factory/.pam.new.7232/pam.changes 2024-08-07 09:15:02.563848846 +0200 @@ -1,0 +2,6 @@ +Mon Jul 22 21:31:47 UTC 2024 - Stanislav Brabec <[email protected]> + +- Prevent cursor escape from the login prompt [bsc#1194818] + * Added: pam-bsc1194818-cursor-escape.patch + +------------------------------------------------------------------- New: ---- pam-bsc1194818-cursor-escape.patch BETA DEBUG BEGIN: New:- Prevent cursor escape from the login prompt [bsc#1194818] * Added: pam-bsc1194818-cursor-escape.patch BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pam.spec ++++++ --- /var/tmp/diff_new_pack.0iF70b/_old 2024-08-07 09:15:03.631892971 +0200 +++ /var/tmp/diff_new_pack.0iF70b/_new 2024-08-07 09:15:03.631892971 +0200 @@ -96,6 +96,8 @@ Source23: postlogin-password.pamd Source24: postlogin-session.pamd Patch1: pam-limit-nproc.patch +# https://github.com/linux-pam/linux-pam/pull/816 +Patch2: pam-bsc1194818-cursor-escape.patch BuildRequires: audit-devel BuildRequires: bison BuildRequires: flex ++++++ pam-bsc1194818-cursor-escape.patch ++++++ https://github.com/linux-pam/linux-pam/pull/816 >From d52c44fa6e70f3c1420feceafe48dcba10bee51e Mon Sep 17 00:00:00 2001 From: Stanislav Brabec <[email protected]> Date: Mon, 22 Jul 2024 23:18:16 +0200 Subject: [PATCH] libpam_misc: Use ECHOCTL in the terminal input Use the canonical terminal mode (line mode) and set ECHOCTL to prevent cursor escape from the login prompt using arrows or escape sequences. ICANON is the default in most cases anyway. ECHOCTL is default on tty, but for example not on pty, allowing cursor to escape. Stanislav Brabec <[email protected]> --- libpam_misc/misc_conv.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/libpam_misc/misc_conv.c b/libpam_misc/misc_conv.c index 7410e929..6b839b48 100644 --- a/libpam_misc/misc_conv.c +++ b/libpam_misc/misc_conv.c @@ -145,9 +145,10 @@ static int read_string(int echo, const char *prompt, char **retstr) return -1; } memcpy(&term_tmp, &term_before, sizeof(term_tmp)); - if (!echo) { + if (echo) + term_tmp.c_lflag |= ICANON | ECHOCTL; + else term_tmp.c_lflag &= ~(ECHO); - } have_term = 1; /* -- 2.45.2
