Hello,
I was looking in source code of libpam 1.2.1 ( Linux-PAM-1.2.1/modules/pam_env/pam_env.c) and I don’t see fix for
Security vulnerability issue CVE-2010-4708.
Should not DEFAULT_USER_READ_ENVFILE be defined as
#define DEFAULT_USER_READ_ENVFILE 1
Please suggest if this security issue is fix in different way in release 1.2.1 Or
I still need a patch for CVE-2010-4708 ?
Regards,
Amol T
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list