Package pam-1.5.1-25.el9_6.x86_64 content_copy download

×

* Mon Jun 16 2025 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-25
- pam_namespace: fix potential privilege escalation.
  Resolves: CVE-2025-6020 and RHEL-96729

* Thu Nov 21 2024 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-23
- pam_access: rework resolving of tokens as hostname.
  Resolves: CVE-2024-10963 and RHEL-66244

* Mon Nov 04 2024 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-22
- pam_unix: always run the helper to obtain shadow password file entries.
  CVE-2024-10041. Resolves: RHEL-62879
- pam_access: always match local address and clarify LOCAL keyword behaviour.
  Resolves: RHEL-23631 and RHEL-39943

* Tue Jun 18 2024 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-20
- libpam: support long lines in service files. Resolves: RHEL-40705

* Mon Feb 12 2024 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-19
- pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS
  situations. CVE-2024-22365. Resolves: RHEL-21244

* Fri Jan 26 2024 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-18
- libpam: use getlogin() from libc and not utmp. Resolves: RHEL-16727
- pam_access: handle hostnames in access.conf. Resolves: RHEL-22300

* Mon Jan 08 2024 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-17
- pam_faillock: create tallydir before creating tallyfile. Resolves: RHEL-20943

* Fri Nov 10 2023 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-16
- libpam: use close_range() to close file descriptors. Resolves: RHEL-5099
- fix formatting of audit messages. Resolves: RHEL-5100

* Mon Jun 26 2023 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-15
- pam_misc: make length of misc_conv() configurable and set to 4096. Resolves: #2215007