Google Git
Sign in
android-kvm / buildroot / 70499767e510cf02e6b6771c51c8720defe99c54
commit70499767e510cf02e6b6771c51c8720defe99c54[log] [tgz]
authorFabrice Fontaine <fontaine.fabrice@gmail.com>Wed Oct 28 09:26:58 2020 +0100
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>Thu Oct 29 23:38:48 2020 +0100
tree0900aef7f5119254dfa7d857f84b488e0c3f6e72
parentef4f72aef7bf87ed0c31fbabedca3904053c39d8 [diff]
package/libpam-tacplus: fix CVE-2020-27743

libtac in pam_tacplus through 1.5.1 lacks a check for a failure of
RAND_bytes()/RAND_pseudo_bytes(). This could lead to use of a
non-random/predictable session_id.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2 files changed
tree: 0900aef7f5119254dfa7d857f84b488e0c3f6e72
  1. arch/
  2. board/
  3. boot/
  4. configs/
  5. docs/
  6. fs/
  7. linux/
  8. package/
  9. support/
  10. system/
  11. toolchain/
  12. utils/
  13. .defconfig
  14. .flake8
  15. .gitignore
  16. .gitlab-ci.yml
  17. CHANGES
  18. Config.in
  19. Config.in.legacy
  20. COPYING
  21. DEVELOPERS
  22. Makefile
  23. Makefile.legacy
  24. README