Changelog for
pam_pkcs11-debugsource-0.6.12-5.1.i586.rpm :
* Thu Feb 29 2024 Dominique Leuenberger
- Use %autosetup macro. Allows to eliminate the usage of deprecated %patchN.
* Mon Jan 16 2023 Stefan Schubert - Migration of PAM settings to /usr/lib/pam.d.
* Fri Jul 29 2022 pgajdosAATTsuse.com- use pam rpm macros [bsc#1190957]
* Sat Jan 15 2022 Andreas Stieger - update to 0.6.12:
* Limit signature length to 65536 bytes
* A number of bug fixes and OpenSSL compatibility updates
* console output color updates
* Add support of ECDSA signature in addition to RSA
* Thu Oct 14 2021 Johannes Segitz - Added hardening to systemd service(s) (bsc#1181400). Modified:
* pkcs11_eventmgr.service
* Tue Jan 29 2019 sbrabecAATTsuse.com- Update to version 0.6.10:
* Fix some security issues (thx AATTfrankmorgner): https://www.x41-dsec.de/lab/advisories/x41-2018-003-pam_pkcs11/ (drop 0001-verify-using-a-nonce-from-the-system-not-the-card.patch, 0002-fixed-buffer-overflow-with-long-home-directory.patch, 0003-fixed-wiping-secrets-with-OpenSSL_cleanse.patch).
* Fix buffer overflow with long home directory.
* Fix wiping secrets (now using OpenSSL_cleanse()).
* Verify using a nonce from the system, not the card.
* Fix segfalt when checking CRLs (drop pam_pkcs11-crl-check.patch).- Add rcpkcs11_eventmgr service symlink.
* Fri Aug 17 2018 vcizekAATTsuse.com- Address security issues found by X41 D-Sec audit (bsc#1105012)
* Authentication Replay
* Buffer Overflow
* Memory not cleaned properly before free()- add patches:
* 0001-verify-using-a-nonce-from-the-system-not-the-card.patch
* 0002-fixed-buffer-overflow-with-long-home-directory.patch
* 0003-fixed-wiping-secrets-with-OpenSSL_cleanse.patch
* Mon Jul 23 2018 sbrabecAATTsuse.com- Fix segfault and fetch problems when checking CRLs (pam_pkcs11-crl-check.patch).
* Sun Sep 10 2017 jengelhAATTinai.de- Repair bulletpoint that skidded in description. Trim description of %name-devel-doc, it does not cotain the programs.
* Wed Aug 09 2017 astiegerAATTsuse.com- add service file bsc#1049219
