[Bug 238566] New: Linux-PAM Login Bypass Security Vulnerability(CVE-2007-0003)
https://bugzilla.novell.com/show_bug.cgi?id=238566 Summary: Linux-PAM Login Bypass Security Vulnerability(CVE-2007- 0003) Product: openSUSE 10.2 Version: Final Platform: All OS/Version: SuSE Other Status: NEW Severity: Major Priority: P5 - None Component: Other AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: takezou040728@yahoo.co.jp QAContact: qa@suse.de Linux-PAM-0.99.7.1 was released. (Security fix for pam_unix.so) References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0003 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 ------- Comment #1 from takezou040728@yahoo.co.jp 2007-01-24 20:25 MST ------- Created an attachment (id=114857) --> (https://bugzilla.novell.com/attachment.cgi?id=114857&action=view) diff of Linux-PAM-0.99.7.0 Linux-PAM-0.99.7.1(modules/pam_unix/support.c) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 chrubis@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team- |security-team@suse.de |screening@forge.provo.novell| |.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 lnussel@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Comment #2 from lnussel@novell.com 2007-01-25 08:01 MST ------- We didn't ship 0.99.7.0. Factory already has 0.99.7.1. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 ------- Comment #3 from takezou040728@yahoo.co.jp 2007-01-28 20:06 MST -------
We didn't ship 0.99.7.0. Factory already has 0.99.7.1. I think that pam-0.99.6.3-24.src.rpm of openSUSE 10.2 is equal to Linux-PAM-0.99.7.0. (The patch is added in pam-0.99.6.3-24. (pam_unix-crypt.diff) )
-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 lnussel@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED | ------- Comment #4 from lnussel@novell.com 2007-01-29 01:01 MST ------- => reopen -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 lnussel@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|security-team@suse.de |kukuk@novell.com Status|REOPENED |NEW -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 lnussel@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Linux-PAM Login Bypass |VUL-0: Linux-PAM Login Bypass Security |Security Vulnerability(CVE- |Vulnerability(CVE-2007-0003) |2007-0003) | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 kukuk@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX ------- Comment #5 from kukuk@novell.com 2007-01-29 01:08 MST ------- But we don't use that module. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 lnussel@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |security-team@suse.de Severity|Major |Normal Status|RESOLVED |REOPENED Resolution|WONTFIX | ------- Comment #6 from lnussel@novell.com 2007-01-30 07:11 MST ------- we ship it so people could activate it, therefore we need to fix it. Just like with other packages that have plugins. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 kukuk@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|kukuk@novell.com |mc@novell.com Status|REOPENED |NEW ------- Comment #7 from kukuk@novell.com 2007-01-31 16:35 MST ------- We should remove that patch from 10.2. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 mc@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |RESOLVED Info Provider|lnussel@novell.com | Resolution| |FIXED ------- Comment #10 from mc@novell.com 2007-02-05 06:38 MST ------- ok, submitted to 10.2 . => fixed. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 thomas@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED | ------- Comment #11 from thomas@novell.com 2007-02-06 01:36 MST ------- re-opened for tracking -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 thomas@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |patch-request@suse.de AssignedTo|mc@novell.com |security-team@suse.de Status|REOPENED |NEW -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=238566 meissner@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Comment #12 from meissner@novell.com 2007-02-14 03:40 MST ------- released -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
participants (1)
-
bugzilla_noreply@novell.com