![oss-sec logo](/images/oss-sec-logo.png)
oss-sec mailing list archives
CVE Request -- pam
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Thu, 05 Mar 2009 10:55:53 +0100
Hello Steve, Marcus Granado recently reported a security issue in libpam related to parsing of non-ascii usernames in the Pam configuration files. Attaching his report for more details. Affected version: pam <= 1.0.3 Link to SCM repo: http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?view=log Patch: http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?r1=1.9&r2=1.10&view=patch Could you please allocate a new CVE id for it? Thanks && regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Attachment:
pam_misc.txt
Description:
Current thread:
- CVE Request -- pam Jan Lieskovsky (Mar 05)