diff options
author | des <des@FreeBSD.org> | 2014-09-15 13:40:09 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2014-09-15 13:40:09 +0000 |
commit | ec657b1011e13ad7b3fd90dcd70012551683cad0 (patch) | |
tree | fb19e946266073d4ddbc34082d343b683171badf /contrib/openpam/HISTORY | |
parent | ebd8a253bb50d17048c8bbdcc4d20b61c1fa75b5 (diff) | |
parent | af5b91d2306bc5ec4c34b50ecb1817ec1441df49 (diff) | |
download | FreeBSD-src-ec657b1011e13ad7b3fd90dcd70012551683cad0.zip FreeBSD-src-ec657b1011e13ad7b3fd90dcd70012551683cad0.tar.gz |
Upgrade to OpenPAM Ourouparia.
Diffstat (limited to 'contrib/openpam/HISTORY')
-rw-r--r-- | contrib/openpam/HISTORY | 25 |
1 files changed, 22 insertions, 3 deletions
diff --git a/contrib/openpam/HISTORY b/contrib/openpam/HISTORY index ddb4d42..31a2c71 100644 --- a/contrib/openpam/HISTORY +++ b/contrib/openpam/HISTORY @@ -1,3 +1,24 @@ +OpenPAM Ourouparia 2014-09-12 + + - ENHANCE: When executing a chain, require at least one service + function to succeed. This mitigates fail-open scenarios caused by + misconfigurations or missing modules. + + - ENHANCE: Make sure to overwrite buffers which may have contained an + authentication token when they're no longer needed. + + - BUGFIX: Under certain circumstances, specifying a non-existent + module (or misspelling the name of a module) in a policy could + result in a fail-open scenario. (CVE-2014-3879) + + - FEATURE: Add a search path for modules. This was implemented in + Nummularia but inadvertently left out of the release notes. + + - BUGFIX: The is_upper() predicate only accepted the letter A as an + upper-case character instead of the entire A-Z range. As a result, + service and module names containing upper-case letters other than A + would be rejected. +============================================================================ OpenPAM Nummularia 2013-09-07 - ENHANCE: Rewrite the dynamic loader to improve readability and @@ -97,7 +118,7 @@ OpenPAM Lycopsida 2011-12-18 module before loading it. - ENHANCE: added / improved input validation in many cases, including - the policy file and some function arguments. + the policy file and some function arguments. (CVE-2011-4122) ============================================================================ OpenPAM Hydrangea 2007-12-21 @@ -427,5 +448,3 @@ Fixed a number of bugs in the previous release, including: OpenPAM Calamite 2002-02-09 First (beta) release. -============================================================================ -$Id: HISTORY 737 2013-09-07 12:53:55Z des $ |