Hello,
I'm happy to announce that Linux-PAM 1.5.1 has been released.
Noteworthy changes in Linux-PAM 1.5.1:
* pam_unix: fixed CVE-2020-27780 - authentication bypass when a user
doesn't exist and root password is blank
* pam_faillock: added nodelay option to not set pam_fail_delay
* pam_wheel: use pam_modutil_user_in_group to check for the group membership
with getgrouplist where it is available
Release link with the tarballs and their signatures for download:
https://github.com/linux-pam/linux-pam/releases/tag/v1.5.1
Dmitry V. Levin, Tomas Mraz, Thorsten Kukuk
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
