Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: pam_pkcs11-32bit | Distribution: SUSE Linux Enterprise 15 |
Version: 0.6.10 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: 1.17 | Build date: Sun May 5 05:22:40 2019 |
Group: Productivity/Security | Build host: sheep07 |
Size: 467972 | Source RPM: pam_pkcs11-0.6.10-1.17.src.rpm |
Packager: https://www.suse.com/ | |
Url: https://github.com/OpenSC/pam_pkcs11 | |
Summary: PKCS #11 PAM Module |
This Linux PAM module allows X.509 a certificate-based user authentication. The certificate and its dedicated private key are thereby accessed by means of an appropriate PKCS #11 module. For the verification of the users' certificates, locally stored CA certificates as well as online or locally accessible CRLs are used. Additionally, the package includes pam_pkcs11-related tools: * pkcs11_eventmgr: Generates actions on card insert, removal, or time-out events * pklogin_finder: Gets the login name that maps to a certificate * pkcs11_inspect: Inspects the contents of a certificate * make_hash_links: Creates hash link directories for storing CAs and CRLs
LGPL-2.1-or-later
* Tue Jan 29 2019 sbrabec@suse.com - Update to version 0.6.10: * Fix some security issues (thx @frankmorgner): https://www.x41-dsec.de/lab/advisories/x41-2018-003-pam_pkcs11/ (drop 0001-verify-using-a-nonce-from-the-system-not-the-card.patch, 0002-fixed-buffer-overflow-with-long-home-directory.patch, 0003-fixed-wiping-secrets-with-OpenSSL_cleanse.patch). * Fix buffer overflow with long home directory. * Fix wiping secrets (now using OpenSSL_cleanse()). * Verify using a nonce from the system, not the card. * Fix segfalt when checking CRLs (drop pam_pkcs11-crl-check.patch). - Add rcpkcs11_eventmgr service symlink. * Fri Aug 17 2018 vcizek@suse.com - Address security issues found by X41 D-Sec audit (bsc#1105012) * Authentication Replay * Buffer Overflow * Memory not cleaned properly before free() - add patches: * 0001-verify-using-a-nonce-from-the-system-not-the-card.patch * 0002-fixed-buffer-overflow-with-long-home-directory.patch * 0003-fixed-wiping-secrets-with-OpenSSL_cleanse.patch * Mon Jul 23 2018 sbrabec@suse.com - Fix segfault and fetch problems when checking CRLs (pam_pkcs11-crl-check.patch). * Sun Sep 10 2017 jengelh@inai.de - Repair bulletpoint that skidded in description. Trim description of %name-devel-doc, it does not cotain the programs. * Wed Aug 09 2017 astieger@suse.com - add service file bsc#1049219 * Thu Jul 20 2017 sbrabec@suse.com - Updated to version 0.6.9: * Upstream web moved. * pkcs11_listcerts: Do not fail on certificate error. * Do not fail if card was already unlocked. * Other bug fixes. * Translation updates. - Drop upstreamed pam_pkcs11-0.6.8-fix-crypto-cflags.patch. - Work around incorrect upstream release process not calling "make dist". - Split API documentation into a separate package pam_pkcs11-devel-doc. - Add pam_pkcs11-fsf-address.patch. * Tue Feb 09 2016 antoine.belvire@laposte.net - Fix build for Tumbleweed: * Add pam_pkcs11-0.6.8-fix-crypto-cflags.patch * Rebuild configure with the bootstrap script (add libtool as build dependency) * Tue Jul 10 2012 sbrabec@suse.cz - Updated to version 0.6.8: * Code cleanup. * Bug fixes. * Translation updates. * Tue Feb 28 2012 sbrabec@suse.cz - Change nssdb path to /etc/pki/nssdb (bnc#463469). - Make libdir paths in pam_pkcs11.conf biarch-wise. * Wed Jan 05 2011 sbrabec@suse.cz - Updated to version 0.6.6: * Compatible with pcsc-lite-1.6. * New mapper API. * Minor fixes. * Translaton updates.
/lib/security /lib/security/pam_pkcs11.so /usr/lib/pam_pkcs11 /usr/lib/pam_pkcs11/ldap_mapper.so /usr/lib/pam_pkcs11/opensc_mapper.so /usr/lib/pam_pkcs11/openssh_mapper.so
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 16:00:25 2024