[Pkg-shadow-commits] r173 - in branches/sarge: debian libmisc
Nicolas FRANCOIS
pkg-shadow-devel@lists.alioth.debian.org
Mon, 23 May 2005 18:47:51 +0000
Author: nekral-guest
Date: 2005-05-23 18:47:50 +0000 (Mon, 23 May 2005)
New Revision: 173
Modified:
branches/sarge/debian/changelog
branches/sarge/libmisc/pwdcheck.c
Log:
Apply patch for 4.0.3-31sarge5.
Modified: branches/sarge/debian/changelog
===================================================================
--- branches/sarge/debian/changelog 2005-05-22 23:48:27 UTC (rev 172)
+++ branches/sarge/debian/changelog 2005-05-23 18:47:50 UTC (rev 173)
@@ -1,3 +1,12 @@
+shadow (1:4.0.3-31sarge5) testing-proposed-updates; urgency=high
+
+ * Re-apply the debian/patches/036_CAN-2004-1001_passwd_check patch
+ which fixed the "Adjusted password check to fix authentication bypass"
+ security issue (CAN-2004-1001)
+ Closes: #309587
+
+ -- Christian Perrier <bubulle@debian.org> Wed, 18 May 2005 07:35:04 +0200
+
shadow (1:4.0.3-31sarge4) testing-proposed-updates; urgency=low
* The "Improve security release"
Modified: branches/sarge/libmisc/pwdcheck.c
===================================================================
--- branches/sarge/libmisc/pwdcheck.c 2005-05-22 23:48:27 UTC (rev 172)
+++ branches/sarge/libmisc/pwdcheck.c 2005-05-23 18:47:50 UTC (rev 173)
@@ -40,7 +40,8 @@
retcode = pam_acct_mgmt(pamh, 0);
if (retcode == PAM_NEW_AUTHTOK_REQD) {
retcode = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
- } else if (retcode)
+ }
+ if (retcode)
goto bailout;
if (pam_setcred(pamh, 0))