[ubuntu/questing-proposed] pam 1.5.3-7ubuntu6 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Jun 18 17:05:30 UTC 2025


pam (1.5.3-7ubuntu6) questing; urgency=medium

  * SECURITY UPDATE: privilege escalation via pam_namespace
    - debian/patches/pam_namespace_170.patch: sync pam_namespace module to
      version 1.7.0.
    - debian/patches/pam_namespace_post170-*.patch: add post-1.7.0 changes
      from upstream git tree.
    - debian/patches/pam_namespace_revert_abi.patch: revert ABI change to
      prevent unintended issues in running daemons.
    - debian/patches/CVE-2025-6020-1.patch: fix potential privilege
      escalation.
    - debian/patches/CVE-2025-6020-2.patch: add flags to indicate path
      safety.
    - debian/patches/CVE-2025-6020-3.patch: secure_opendir: do not look at
      the group ownership.
    - debian/patches/pam_namespace_o_directory.patch: removed, included in
      patch cluster above.
    - CVE-2025-6020

Date: Wed, 18 Jun 2025 12:58:44 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/pam/1.5.3-7ubuntu6
-------------- next part --------------
Format: 1.8
Date: Wed, 18 Jun 2025 12:58:44 -0400
Source: pam
Built-For-Profiles: noudeb
Architecture: source
Version: 1.5.3-7ubuntu6
Distribution: questing
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Original-Maintainer: Sam Hartman <hartmans at debian.org>

