GNU bug report logs -
#75640
[PATCH] gnu: Update pam-u2f to 3.1.2
Previous Next
To reply to this bug, email your comments to 75640 AT debbugs.gnu.org.
There is no need to reopen the bug first.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
guix-patches <at> gnu.org:
bug#75640; Package
guix-patches.
(Sat, 18 Jan 2025 03:27:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Lesik Edelweiss <lesikedelweiss <at> disroot.org>:
New bug report received and forwarded. Copy sent to
guix-patches <at> gnu.org.
(Sat, 18 Jan 2025 03:27:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
This fixes the CVE-2025-23013
Change-Id: I4a7d37c25af38ff90bbae18adc0d4b145c7ad3c0
---
gnu/packages/security-token.scm | 32 +++++++++++++++-----------------
1 file changed, 15 insertions(+), 17 deletions(-)
diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
index cb6746c028..f04dab6909 100644
--- a/gnu/packages/security-token.scm
+++ b/gnu/packages/security-token.scm
@@ -682,25 +682,23 @@ (define-public libu2f-server
(define-public pam-u2f
(package
(name "pam-u2f")
- (version "1.3.0")
- (source (origin
- (method git-fetch)
- (uri
- (git-reference
- (url "https://github.com/Yubico/pam-u2f")
- (commit (string-append "pam_u2f-" version))))
- (file-name (git-file-name name version))
- (sha256
- (base32 "1swvys98mw7ailllgqicvhj315qajhvqrmm314cp3bj0l76s9qpv"))))
+ (version "1.3.2")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/Yubico/pam-u2f")
+ (commit (string-append "pam_u2f-" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0528r0q3j1d6cb3dzh9vgagr8v2b2y5yylykr1cqjmg9hvp35a4i"))))
(build-system gnu-build-system)
(arguments
- `(#:configure-flags
- (list (string-append "--with-pam-dir="
- (assoc-ref %outputs "out") "/lib/security"))))
- (inputs
- (list libfido2 linux-pam openssl))
- (native-inputs
- (list asciidoc autoconf automake libtool pkg-config))
+ `(#:configure-flags (list (string-append "--with-pam-dir="
+ (assoc-ref %outputs "out")
+ "/lib/security"))))
+ (inputs (list libfido2 linux-pam openssl))
+ (native-inputs (list asciidoc autoconf automake libtool pkg-config))
(home-page "https://developers.yubico.com/pam-u2f/")
(synopsis "PAM module for U2F authentication")
(description
base-commit: f0804b0c2253542e9f0e255fbf8dc5847bba919d
--
2.47.1
Reply sent
to
Hilton Chain <hako <at> ultrarare.space>:
You have taken responsibility.
(Sat, 18 Jan 2025 14:30:04 GMT)
Full text and
rfc822 format available.
Notification sent
to
Lesik Edelweiss <lesikedelweiss <at> disroot.org>:
bug acknowledged by developer.
(Sat, 18 Jan 2025 14:30:04 GMT)
Full text and
rfc822 format available.
Message #10 received at 75640-done <at> debbugs.gnu.org (full text, mbox):
On Sat, 18 Jan 2025 06:33:46 +0800,
Lesik Edelweiss via Guix-patches via wrote:
>
> This fixes the CVE-2025-23013
>
> Change-Id: I4a7d37c25af38ff90bbae18adc0d4b145c7ad3c0
> ---
> gnu/packages/security-token.scm | 32 +++++++++++++++-----------------
> 1 file changed, 15 insertions(+), 17 deletions(-)
Applied as c029eb43b4ff553bc2fa77ddd07c5a78da5fd8c9, thanks!
This bug report was last modified 19 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.