Control: tags -1 + patch On Wed, Oct 20, 2021 at 04:56:02PM +0200, Salvatore Bonaccorso wrote: > Source: doas > Version: 6.8.1-2 > Severity: important > Tags: security > X-Debbugs-Cc: [email protected], Debian Security Team > <[email protected]> > > Hi > > It looks that doas replicates the PAM configuration from sudo, which > is missing the inclusion for pam_limits.so (cf. #518464). > > The oss-security post in > https://www.openwall.com/lists/oss-security/2021/10/20/2 given some > details on why. > > For sudo I created the following merge request > https://salsa.debian.org/sudo-team/sudo/-/merge_requests/7 and can > sent as similar change for 'doas' if needed.
Merge request at https://salsa.debian.org/debian/doas/-/merge_requests/2 Regards, Salvatore
