Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

pam_pkcs11-32bit-0.6.10-1.17 RPM for x86_64

From OpenSuSE Leap 15.4 for x86_64

Name: pam_pkcs11-32bit Distribution: SUSE Linux Enterprise 15
Version: 0.6.10 Vendor: SUSE LLC <https://www.suse.com/>
Release: 1.17 Build date: Sun May 5 05:22:40 2019
Group: Productivity/Security Build host: sheep07
Size: 467972 Source RPM: pam_pkcs11-0.6.10-1.17.src.rpm
Packager: https://www.suse.com/
Url: https://github.com/OpenSC/pam_pkcs11
Summary: PKCS #11 PAM Module
This Linux PAM module allows X.509 a certificate-based user
authentication. The certificate and its dedicated private key are
thereby accessed by means of an appropriate PKCS #11 module. For the
verification of the users' certificates, locally stored CA certificates
as well as online or locally accessible CRLs are used.

Additionally, the package includes pam_pkcs11-related tools:

* pkcs11_eventmgr: Generates actions on card insert, removal, or
  time-out events

* pklogin_finder: Gets the login name that maps to a certificate

* pkcs11_inspect: Inspects the contents of a certificate

* make_hash_links: Creates hash link directories for storing CAs and
CRLs

Provides

Requires

License

LGPL-2.1-or-later

Changelog

* Tue Jan 29 2019 sbrabec@suse.com
  - Update to version 0.6.10:
    * Fix some security issues (thx @frankmorgner):
      https://www.x41-dsec.de/lab/advisories/x41-2018-003-pam_pkcs11/
      (drop 0001-verify-using-a-nonce-from-the-system-not-the-card.patch,
      0002-fixed-buffer-overflow-with-long-home-directory.patch,
      0003-fixed-wiping-secrets-with-OpenSSL_cleanse.patch).
    * Fix buffer overflow with long home directory.
    * Fix wiping secrets (now using OpenSSL_cleanse()).
    * Verify using a nonce from the system, not the card.
    * Fix segfalt when checking CRLs
      (drop pam_pkcs11-crl-check.patch).
  - Add rcpkcs11_eventmgr service symlink.
* Fri Aug 17 2018 vcizek@suse.com
  - Address security issues found by X41 D-Sec audit (bsc#1105012)
    * Authentication Replay
    * Buffer Overflow
    * Memory not cleaned properly before free()
  - add patches:
    * 0001-verify-using-a-nonce-from-the-system-not-the-card.patch
    * 0002-fixed-buffer-overflow-with-long-home-directory.patch
    * 0003-fixed-wiping-secrets-with-OpenSSL_cleanse.patch
* Mon Jul 23 2018 sbrabec@suse.com
  - Fix segfault and fetch problems when checking CRLs
    (pam_pkcs11-crl-check.patch).
* Sun Sep 10 2017 jengelh@inai.de
  - Repair bulletpoint that skidded in description.
    Trim description of %name-devel-doc, it does not cotain
    the programs.
* Wed Aug 09 2017 astieger@suse.com
  - add service file bsc#1049219
* Thu Jul 20 2017 sbrabec@suse.com
  - Updated to version 0.6.9:
    * Upstream web moved.
    * pkcs11_listcerts: Do not fail on certificate error.
    * Do not fail if card was already unlocked.
    * Other bug fixes.
    * Translation updates.
  - Drop upstreamed pam_pkcs11-0.6.8-fix-crypto-cflags.patch.
  - Work around incorrect upstream release process not calling
    "make dist".
  - Split API documentation into a separate package
    pam_pkcs11-devel-doc.
  - Add pam_pkcs11-fsf-address.patch.
* Tue Feb 09 2016 antoine.belvire@laposte.net
  - Fix build for Tumbleweed:
    * Add pam_pkcs11-0.6.8-fix-crypto-cflags.patch
    * Rebuild configure with the bootstrap script (add libtool as
      build dependency)
* Tue Jul 10 2012 sbrabec@suse.cz
  - Updated to version 0.6.8:
    * Code cleanup.
    * Bug fixes.
    * Translation updates.
* Tue Feb 28 2012 sbrabec@suse.cz
  - Change nssdb path to /etc/pki/nssdb (bnc#463469).
  - Make libdir paths in pam_pkcs11.conf biarch-wise.
* Wed Jan 05 2011 sbrabec@suse.cz
  - Updated to version 0.6.6:
    * Compatible with pcsc-lite-1.6.
    * New mapper API.
    * Minor fixes.
    * Translaton updates.

Files

/lib/security
/lib/security/pam_pkcs11.so
/usr/lib/pam_pkcs11
/usr/lib/pam_pkcs11/ldap_mapper.so
/usr/lib/pam_pkcs11/opensc_mapper.so
/usr/lib/pam_pkcs11/openssh_mapper.so


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 16:00:25 2024