|
|
@@ -6,7 +6,7 @@ Summary: A security tool which provides authentication for applications
|
|
|
Summary(ja): アプリケーションに認証の仕組みを提供するセキュリティツール
|
|
|
Name: pam
|
|
|
Version: 1.1.1
|
|
|
-Release: 4%{?_dist_release}
|
|
|
+Release: 5%{?_dist_release}
|
|
|
# The library is BSD licensed with option to relicense as GPLv2+ - this option is redundant
|
|
|
# as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+
|
|
|
License: BSD and GPLv2+
|
|
|
@@ -30,6 +30,12 @@ Patch8: pam-1.1.1-authtok-prompt.patch
|
|
|
|
|
|
Patch700: pam-0.99.9-sg-dev.patch
|
|
|
|
|
|
+## security patch(es)
|
|
|
+# fix CVE-2010-3435 and CVE-2010-3316
|
|
|
+Patch1009: pam-1.1.1-drop-privs.patch
|
|
|
+# fix CVE-2010-3853
|
|
|
+Patch1010: pam-1.1.1-cve-2010-3853.patch
|
|
|
+
|
|
|
%define _sbindir /sbin
|
|
|
%define _moduledir /%{_lib}/security
|
|
|
%define _secconfdir %{_sysconfdir}/security
|
|
|
@@ -163,6 +169,10 @@ mv pam-redhat-%{pam_redhat_version}/* modules
|
|
|
|
|
|
%patch700 -p1
|
|
|
|
|
|
+## security patch(es)
|
|
|
+%patch1009 -p1 -b .drop-privs
|
|
|
+%patch1010 -p1 -b .execle
|
|
|
+
|
|
|
libtoolize -f
|
|
|
autoreconf
|
|
|
|
|
|
@@ -493,6 +503,11 @@ fi
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
+* Tue Apr 19 2011 IWAI, Masaharu <iwai@alib.jp> 1.1.1-5
|
|
|
+- add patches from RHEL 1.1.1-4.1
|
|
|
+ - drop-privs patch (Patch1009): fix CVE-2010-3435 and CVE-2010-3316
|
|
|
+ - CVE-2010-3853 (Patch1010)
|
|
|
+
|
|
|
* Mon Apr 18 2011 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.1.1-4
|
|
|
- rebuilt with recent environment.
|
|
|
|
iwaim