Module Name:    src
Committed By:   bouyer
Date:           Sat Nov 19 14:00:18 UTC 2011

Modified Files:
        src/doc [netbsd-5]: CHANGES-5.2

Log Message:
ticket 1696


To generate a diff of this commit:
cvs rdiff -u -r1.1.2.116 -r1.1.2.117 src/doc/CHANGES-5.2

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/doc/CHANGES-5.2
diff -u src/doc/CHANGES-5.2:1.1.2.116 src/doc/CHANGES-5.2:1.1.2.117
--- src/doc/CHANGES-5.2:1.1.2.116	Fri Nov 18 23:27:59 2011
+++ src/doc/CHANGES-5.2	Sat Nov 19 14:00:18 2011
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-5.2,v 1.1.2.116 2011/11/18 23:27:59 sborrill Exp $
+# $NetBSD: CHANGES-5.2,v 1.1.2.117 2011/11/19 14:00:18 bouyer Exp $
 
 A complete list of changes from the NetBSD 5.1 release to the NetBSD 5.2
 release:
@@ -5812,3 +5812,15 @@ sys/dev/pci/if_age.c				1.40 via patch
 	not be properly reenabled after this, leading do watchdog timeouts.
 	[bouyer, ticket #1694]
 
+dist/openpam/lib/openpam_configure.c		1.6
+
+	Don't allow '/' characters in the "service" argument to pam_start()
+	The "service" is blindly appended to config directories ("/etc/pam.d/"),
+	and if a user can control the "service" it can get PAM to read config
+	files from any location.
+	This is not a problem with most software because the "service" is
+	usually a constant string. The check protects 3rd party software
+	from being abused.
+	(CVE-2011-4122)
+	[drochner, ticket #1696]
+
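Review bot: two wording points in the added entry: the first sentence, "Don't allow '/' characters in the "service" argument to pam_start()", lacks a terminating period, and "3rd party software" should read "third-party software". Otherwise the entry matches the ticket number in the log message and records the CVE id and the pulled-up revision (openpam_configure.c 1.6), which is what a CHANGES-5.2 entry needs.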
