pam 1.4.0-11ubuntu2.6 source package in Ubuntu
Changelog
pam (1.4.0-11ubuntu2.6) jammy-security; urgency=medium
* SECURITY UPDATE: privilege escalation via pam_namespace
- debian/patches-applied/pam_namespace_170.patch: sync pam_namespace
module to version 1.7.0.
- debian/patches-applied/pam_namespace_post170-*.patch: add post-1.7.0
changes from upstream git tree.
- debian/patches-applied/pam_namespace_revert_abi.patch: revert ABI
change to prevent unintended issues in running daemons.
- debian/patches-applied/CVE-2025-6020-1.patch: fix potential privilege
escalation.
- debian/patches-applied/CVE-2025-6020-2.patch: add flags to indicate
path safety.
- debian/patches-applied/CVE-2025-6020-3.patch: secure_opendir: do not
look at the group ownership.
- debian/patches-applied/CVE-2024-22365.patch: removed, included in
patch cluster above.
- CVE-2025-6020
-- Marc Deslauriers <email address hidden> Thu, 12 Jun 2025 10:45:28 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Jammy
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Jammy | updates | main | libs | |
| Jammy | security | main | libs |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| pam_1.4.0.orig.tar.xz | 965.7 KiB | cd6d928c51e64139be3bdb38692c68183a509b83d4f2c221024ccd4bcddfd034 |
| pam_1.4.0-11ubuntu2.6.debian.tar.xz | 183.2 KiB | 3c39973311d521677a9e35994eedf22fe24d0fc1da39f31abeeaab82eb3674f8 |
| pam_1.4.0-11ubuntu2.6.dsc | 2.7 KiB | 3a3ad2fc2206083b7b8b143e1adc904cb5399ba1be9067a749332194d87cbd47 |
Available diffs
Binary packages built by this source
- libpam-cracklib: PAM module to enable cracklib support
This package includes libpam_cracklib, a PAM module that tests
passwords to make sure they are not too weak during password change.
- libpam-cracklib-dbgsym: debug symbols for libpam-cracklib
- libpam-doc: Documentation of PAM
Contains documentation (in HTML, ASCII, and PostScript format) for libpam,
the Pluggable Authentication Modules library, a library that enables the
local system administrator to choose how applications authenticate users.
- libpam-modules: Pluggable Authentication Modules for PAM
This package completes the set of modules for PAM. It includes the
pam_unix.so module as well as some specialty modules.
- libpam-modules-bin: Pluggable Authentication Modules for PAM - helper binaries
This package contains helper binaries used by the standard set of PAM
modules in the libpam-modules package.
- libpam-modules-bin-dbgsym: debug symbols for libpam-modules-bin
- libpam-modules-dbgsym: debug symbols for libpam-modules
- libpam-runtime: Runtime support for the PAM library
Contains configuration files and directories required for
authentication to work on Debian systems. This package is required
on almost all installations.
- libpam0g: Pluggable Authentication Modules library
Contains the shared library for Linux-PAM, a library that enables the
local system administrator to choose how applications authenticate users.
In other words, without rewriting or recompiling a PAM-aware application,
it is possible to switch between the authentication mechanism(s) it uses.
One may entirely upgrade the local authentication system without touching
the applications themselves.
- libpam0g-dbgsym: debug symbols for libpam0g
- libpam0g-dev: Development files for PAM
Contains C header files and development libraries for libpam, the Pluggable
Authentication Modules, a library that enables the local system
administrator to choose how applications authenticate users.
.
PAM decouples applications from the authentication mechanism, making it
possible to upgrade the authentication system without recompiling or
rewriting the applications.
